Reset Greylist database?

B

bct

Member
Jul 14, 2006
20
1
23
Saskatoon, SK
www.bct.cc
Hello Martin, I hope you are doing well.

Until recently the greylist protection used to control 86% - 92% of all incoming emails, which was excellent.

3 days ago it dropped to 80%
2 days ago it dropped to 72%
1 day ago it dropped to 64%

Is it possible that the spammers have authenticated once, and are now passing the greylist feature?

I am interested to know if I were to reset/clear the white portions of the database that controls the greylist feature if that might help?

If yes, how would I go about accomplishing this?

Thank you for your assistance.

BCT
 
I forgot to mention in my previous post that this system manages 14000 to 18000 daily incoming emails, which 99% are junk. Therefore a 25% drop in greylist protection equals to 3000 to 4000 daily messages that are no longer controlled by the greylist.

Cheers!

BCT
 
The greylisting database maintain itself, so there is no need to reset it.

bct said:
I forgot to mention in my previous post that this system manages 14000 to 18000 daily incoming emails, which 99% are junk. Therefore a 25% drop in greylist protection equals to 3000 to 4000 daily messages that are no longer controlled by the greylist.
Click to expand...

If a spammer uses a RFC comform MTA it will always pass greylisting. But those mails are still scanned by all other tests.

- Dietmar
 
dietmar said:
BTW, greylisting usually blocks about 50%-60%. (rates of 86% - 92% are quite uncommon).
Click to expand...
I did not realize that.

After 10 weeks I became accustomed to seeing greylisting rates around 90%.

Other than a spammer is now using a RFC conform MTA, is there any other explanation why greylisting would quickly drop and settle at 64%?

By the way, I have not yet seen (or heard from users) any negative outcome from this change except for some additional traffic at the router, but nothing significant at this time.

Thank You

BCT
 
bct said:
Other than a spammer is now using a RFC conform MTA, is there any other explanation why greylisting would quickly drop and settle at 64%?
Click to expand...

Maybe a virus or bot-network got your email addresses, and bombed you with spam mails in the past. If someone stopped that, it would explain the behaviour.

Is there a drop in the overall number of mails you receive?

- Dietmar
 
dietmar said:
Maybe a virus or bot-network got your email addresses, and bombed you with spam mails in the past. If someone stopped that, it would explain the behaviour.

Is there a drop in the overall number of mails you receive?

- Dietmar
Click to expand...
I just reviewed the number of daily incoming emails, and it looks like it has increased.
Until 7 days ago the number of daily incoming emails averaged around 11000 or 12000.
Over the past 7 days the daily incoming emails has increased to 15000 to 18000.

So it seems that starting about 7 days ago we began to receiving 4000 more daily incoming emails then before. I will also jump to the conclusion that these recent 4000 additional daily emails are conforming to MTA which explains why it initially ‘seemed’ that the greylist was catching 4000 less emails then it should. I now believe the greylisting is working correctly and does not need to be reset.

Let me know if you disagree with this theory?

Thank you for your assistance Deitmar.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back