Greylisting

Nie będzie to wpis nastepny o greylistingu. Zapewne każdy kto tu wchodzi wie czym jest greylisting.W skrócie podczas odbierania maila system zapamiętuje trójkę danych (adres nadawcy,adres odbiorcy, ip nadawcy). W ten sposób odpada duża liczba spamu ponieważ np botnety nie ponawiają wysyłki i mail nie przechodzi. Prawdę mówiąc nie wiem ile ginie bo już od dawna używam greylistingu.

Wadą systemu jest to , że pierwszy mail „idzie” dłużej. Oczywiscię telefony, że ktoś wysłał ale coś nie dochodzi. Do przeżycia, Drugą wada jest to,że mail w ekstremalnym przypadku może nie przyjść wcale. Jeśli nadawca ma dużo serwerów poczty wysyłających, za każda próbą wysyłki może próbować innego. W ten sposób przy dużym pechu mail może nie przejść

Jeśli admin cudem nie wdrożył tej metody polecam zacząć od wikipedi i wzdrożyć.

I do tego służy whilista adresów IP. Dobrze do niej dodać adresy IP googla czy innych dużych serwisów.Oto jest programu postgrey z moimi dopisanymi adresami ip

# greylisting.org: Southwest Airlines (unique sender, no retry)
southwest.com
# greylisting.org: Yahoo Groups servers (no retry)
scd.yahoo.com
# greylisting.org: isp.belgacom.be (wierd retry pattern)
isp.belgacom.be
# greylisting.org: Ameritrade (no retry)
ameritradeinfo.com
# greylisting.org: Amazon.com (unique sender with letters)
amazon.com
# 2004-05-20: Linux kernel mailing-list (unique sender with letters)
vger.kernel.org
# 2004-06-02: karger.ch, no retry
karger.ch
# 2004-06-02: lilys.ch, (slow: 4 hours)
server-x001.hostpoint.ch
# 2004-06-09: roche.com (no retry)
gw.bas.roche.com
# 2004-06-09: newsletter (no retry)
mail.hhlaw.com
# 2004-06-09: no retry (reported by Ralph Hildebrandt)
prd051.appliedbiosystems.com
# 2004-06-17: swissre.com (no retry)
swissre.com
# 2004-06-17: dowjones.com newsletter (unique sender with letters)
returns.dowjones.com
# 2004-06-18: switch.ch (works but personnel is confused by the error)
domin.switch.ch
# 2004-06-23: accor-hotels.com (slow: 6 hours)
accor-hotels.com
# 2004-06-29: rr.com (no retry, reported by Duncan Hill)
/^ms-smtp.*\.rr\.com$/
# 2004-06-29: cox.net (no retry, reported by Duncan Hill)
/^lake.*mta.*\.cox\.net$/
# 2004-06-29: motorola.com (no retry)
mot.com
# 2004-07-01: nic.fr (address verification, reported by Arnaud Launay)
nic.fr
# 2004-07-01: verizon.net (address verification, reported by Bill Moran and Eric, adapted by Adam C. Mathews)
/^s[cv]\d+pub\.verizon\.net$/
# 2004-07-02: cs.columbia.edu (no retry)
cs.columbia.edu
# 2004-07-02: papersinvited.com (no retry)
66.216.126.174
# 2004-07-02: telekom.de (slow: 6 hours)
/^mail\d+\.telekom\.de$/
# 2004-07-04: tiscali.dk (slow: 12 hours, reported by Klaus Alexander Seistrup)
/^smtp\d+\.tiscali\.dk$/
# 2004-07-04: freshmeat.net (address verification)
freshmeat.net
# 2004-07-11: zd-swx.com (unique sender with letters, reported by Bill Landry)
zd-swx.com
# 2004-07-11: lockergnome.wc09.net (unique sender with letters, reported by Bill Landry)
lockergnome.wc09.net
# 2004-07-19: mxlogic.net (no retry, reported by Eric)
p01m168.mxlogic.net
p02m169.mxlogic.net
# 2004-09-08: intel.com (pool on different subnets) 
/^fmr\d+\.intel\.com$/
# 2004-09-17: cox-internet.com (no retry, reported by Rod Roark)
/^fe\d+\.cox-internet\.com$/
# 2004-10-11: logismata.ch (no retry)
logismata.ch
# 2004-11-25: brief.cw.reum.de (no retry, reported by Manuel Oetiker)
brief.cw.reum.de
# 2004-12-03: ingeno.ch (no retry)
qmail.ingeno.ch
# 2004-12-06: rein.ch (no retry)
mail1.thurweb.ch
# 2005-01-26: tu-ilmenau.de (no retry)
piggy.rz.tu-ilmenau.de
# 2005-04-06: polymed.ch (no retry)
mail.polymed.ch
# 2005-06-08: hu-berlin.de (slow: 6 hours, reported by Joachim Schoenberg)
rz.hu-berlin.de
# 2005-06-17: gmail.com (big pool, reported by Beat Mueller)
proxy.gmail.com
# 2005-06-23: cacert.org (address verification, reported by Martin Lohmeier)
cacert.org
# 2005-07-27: polytech.univ-mrs.fr (no retry, reported by Giovanni Mandorino)
polytech.univ-mrs.fr
# 2005-08-05: gnu.org (address verification, reported by Martin Lohmeier)
gnu.org
# 2005-08-17: ciphirelabs.com (needs fast responses, reported by Sven Mueller)
cs.ciphire.net
# 2005-11-11: lufthansa (no retry, reported by Peter Bieringer)
/^gateway\d+\.np4\.de$/
# 2005-11-23: arcor-online.net (slow: 12 hours, reported by Bernd Zeimetz)
/^mail-in-\d+\.arcor-online\.net$/
# 2005-12-29: netsolmail.com (no retry, reported by Gareth Greenaway)
netsolmail.com
# mail.likopris.si (no retry, reported by Vito Robar)
193.77.153.67
# jcsw.nato.int (several servers, no retry, reported by Vito Robar)
195.235.39
# tesla.vtszg.hr (no retry, reported by Vito Robar)
tesla.vtszg.hr
# mailgw*.iai.co.il (pool of several servers, reported by Vito Robar)
/^mailgw.*\.iai\.co\.il$/
# gw.stud-serv-mb.si (no retry, reported by Vito Robar)
gw.stud-serv-mb.si
# mail.commandtech.com (no retry, reported by Vito Robar)
216.238.112.99
# duropack.co.at (no retry, reported by Vito Robar)
193.81.20.195
# mail.esimit-tech.si (no retry, reported by Vito Robar)
193.77.126.208
# mail.resotel.be (ocasionally no retry, reported by Vito Robar)
80.200.249.216
# mail2.alliancefr.be (ocasionally no retry, reported by Vito Robar)
mail2.alliancefr.be
# webserver.turboinstitut.si (no retry, reported by Vito Robar)
webserver.turboinstitut.si
# mil.be (pool of different servers, reported by Vito Robar)
193.191.218.141
193.191.218.142
193.191.218.143
194.7.234.141
194.7.234.142
194.7.234.143
# mail*.usafisnews.org (no retry, reported by Vito Robar)
/^mail\d+\.usafisnews\.org$/
# odk.fdv.uni-lj.si (no retry, reported by Vito Robar)
/^odk.fdv.uni-lj.si$/
# rak-gentoo-1.nameserver.de (no retry, reported by Vito Robar)
rak-gentoo-1.nameserver.de
# dars.si (ocasionally no retry, reported by Vito Robar)
mx.dars.si
# cosis.si (no retry, reported by Vito Robar)
213.143.66.210
# mta?.siol.net (sometimes no or slow retry; they use intermail, reported by Vito Robar)
/^mta[12].siol.net$/
# pim-N-N.quickinspirationsmail.com (unique sender, reported by Vito Robar)
/^pim-\d+-\d+\.quickinspirationsmail\.com$/
# flymonarch (no retry, reported by Marko Djukic)
flymonarch.com
# wxs.nl (no retry, reported by Johannes Fehr)
/^p?smtp.*\.wxs\.nl$/
# ibm.com (big pool, reported by Casey Peel)
ibm.com
# messagelabs.com (big pool, reported by John Tobin)
/^mail\d+\.messagelabs\.com$/
# ptb.de (slow, reported by Joachim Schoenberg)
berlin.ptb.de
# registrarmail.net (unique sender names, reported by Simon Waters)
registrarmail.net
# google.com (big pool, reported by Matthias Dyer)
/^.*-out-.*\.google\.com$/
# orange.fr (big pool, reported by Lo�c Le Loarer)
/^smtp\d+\.orange\.fr$/
# citigroup.com (slow retry, reported by Michael Monnerie)
/^smtp\d+.citigroup.com$/
# cruisingclub.ch (no retry)
mail.ccs-cruising.ch
# digg.com (no retry, Debian #406774)
diggstage01.digg.com
# liberal.ca (retries only during 270 seconds, Debian #406774)
smtp.liberal.ca
# pi.ws (pool + long retry, Debian #409851)
/^mail[12]\.pi\.ws$/
# rambler.ru (big pool, reported by Michael Monnerie)
rambler.ru
# free.fr (big pool, reported by Denis Sacchet)
/^smtp[0-9]+-g[0-9]+\.free\.fr$/
/^postfix[0-9]+-g[0-9]+\.free\.fr$/
# thehartford.com (pool + long retry, reported by Jacob Leifman)
/^netmail\d+\.thehartford\.com$/
# abb.com (only one retry, reported by Roman Plessl)
/^nse\d+\.abb\.com$/
# 2007-07-27: sourceforge.net (sender verification)
lists.sourceforge.net
# 2007-08-06: polytec.de (no retry, reported by Patrick McLean)
polytec.de
# 2007-09-06: qualiflow.com (no retry, reported by Alex Beckert)
/^mail\d+\.msg\.oleane\.net$/
go2.pl 
#193.17.41.0/24 
#193.222.135.0/24 
#212.126.20.0/25 
#195.200.214.0/24

gazeta.pl
#193.42.228.0/22 
#194.149.228.0/22 
#80.252.0.0/18 
#193.42.230.131 
#91.121.71.212

interia.pl
#217.74.64.0/22 
#213.25.80.0/24 
#80.48.65.0/24
#onet.pl onet.eu
213.180.128.0/19

fullcompany.telecomitalia.it
# 2007-10-18: aliplast.com (long retry, reported by Johannes Feigl)
mail.aliplast.com
# 2007-10-18: inode.at (long retry, reported by Johannes Feigl)
/^mx\d+\..*\.inode\.at$/
# 2008-02-01: bol.com (no retry, reported by Frank Breedijk)
/^.*?.server.arvato-systems.de$/
# 2008-06-05: registeredsite.com (no retry, reported by Fred Kilbourn)
/^(?:mail|fallback-mx)\d+.atl.registeredsite.com$/
# 2008-07-17: mahidol.ac.th (no retry, reported by Alex Beckert)
saturn.mahidol.ac.th
# 2008-07-18: ebay.com (big pool, reported by Peter Samuelson)
ebay.com
# 2008-07-22: yahoo.com (big pool, reported by Juan Alonso)
yahoo.com
# 2008-11-07: facebook (no retry, reported by Tim Freeman)
/^outmail\d+\.sctm\.tfbnw\.net$/
# 2009-02-10: server14.cyon.ch (long retry, reported by Alex Beckert)
server14.cyon.ch
# 2009-08-19: 126.com (big pool)
/^m\d+-\d+\.126\.com$/
# 2010-01-08: tifr.res.in (no retry, reported by Alex Beckert)
home.theory.tifr.res.in
# 2010-01-08: 1blu.de (long retry, reported by Alex Beckert)
ms4-1.1blu.de
# 2010-03-17: chello.at (big pool, reported by Jan-willem van Eys)
/^viefep\d+-int\.chello\.at$/
# 2010-05-31: nic.nu (long retry, reported by Ivan Sie)
mx.nic.nu
# 2010-06-10: Microsoft servers (long/no retry, reported by Roy McMorran)
bigfish.com
frontbridge.com
microsoft.com
# 2010-06-18: Google/Postini (big pool, reported by Warren Trakman)
postini.com
# 2011-02-04: evanzo-server.de (no retry, reported by Andre Hoepner)
/^mx.*\.evanzo-server\.de$/
# 2011-05-02: upcmail.net (big pool, reported by Michael Monnerie)
upcmail.net
#216.239.32.0/19 
#64.233.160.0/19 
#66.249.80.0/20 
#72.14.192.0/18 
#209.85.128.0/17 
#66.102.0.0/20 
#74.125.0.0/16 
#64.18.0.0/20 
#207.126.144.0/20 
#173.194.0.0/16
gmail.com
wp.pl
#nielsen.com
207.46.163.138
207.46.163.139
207.46.163.140
207.46.163.141
207.46.163.142
207.46.163.143
207.46.163.144
207.46.163.145
207.46.163.181
207.46.163.182
207.46.163.184
207.46.163.185
207.46.163.186
207.46.163.187
207.46.163.188
207.46.163.189
207.46.163.190
207.46.163.203
207.46.163.204
207.46.163.205
207.46.163.206
207.46.163.207
207.46.163.208
207.46.163.209
207.46.163.210
207.46.163.211
207.46.163.212
207.46.163.235
207.46.163.236
207.46.163.237
207.46.163.238
207.46.163.239
207.46.163.240
207.46.163.242
207.46.163.243
207.46.163.244
207.46.163.239
207.46.163.24
207.46.163.241
207.46.163.25
207.46.163.26
207.46.163.27
216.32.180.12
216.32.180.31
#212.77.96.0/19
#195.205.40.200/29
caseificioprincipe.it
bongomedia.tv
#Google
/^mail\-*\.google\.com$/
216.73.93.70/31 
216.73.93.72/31
216.239.32.0/19 
64.233.160.0/19 
66.249.80.0/20 
72.14.192.0/18 
209.85.128.0/17 
66.102.0.0/20 
74.125.0.0/16 
64.18.0.0/20 
207.126.144.0/20 
173.194.0.0/16
75.126.28.80
stalgast.com
outlook.com
217.74.69.10
217.74.69.18
217.74.69.8
217.74.69.9
#gumtree
195.78.84.201
195.78.84.202
195.78.84.203
195.78.84.204
195.78.84.205
195.78.84.206
195.78.84.207
195.78.84.208
195.78.84.209
195.78.84.210
195.78.84.211
195.78.84.212
195.78.84.213
195.78.84.214
195.78.84.215
195.78.84.216

One thought on “Greylisting

  1. Problemem jest to, że Microsoft się szmaci i źle maile ponawiają z farm pocztowych, ze złych adresów. Ale do przeżycia. Klient dostaje informacje, żeby się zwrócił do Microsoftu i już.

Dodaj komentarz

Twój adres e-mail nie zostanie opublikowany. Wymagane pola są oznaczone *