Friday, September 07, 2007
Some more stats about graylisting
Some stats from the graylist daemon. I'm automatically accepting emails from Yahoo, AOL and BellSouth, plus three other servers that run problematic mailing lists—all other emails are going through the graylisting process. I've been running the daemon for almost 48 hours, with an embargo time of one hour, and cleaning out records that haven't seen activity for 12 hours (I check this every five minutes).
| tuples | 2684 |
|---|---|
| graylisted | 8217 |
| whitelisted | 22 |
| graylist expired | 5533 |
| whitelist expired | 0 |
About 0.3% of all emails that are subjected to the graylist process make it through to the whitelist. Of those 22 that got through, eight were spam (amazing! Spammers using a real SMTP server!) and of those, four were delivered to an actual in-use email address.
Not bad, considering I was averaging a few hundred (maybe even as high as a thousand) per day.
Another interesting bit—I limit the size of email addresses to 108 characters and so far, only one address has been truncated, yet still made it to the whitelist (it was a notification from Linked In) in 2½ hours despite coming from four different IP addresses.
It appears to be working rather well, although I do have some notes about stuff I'd like to add:
- have some way of removing a whitelist entry (due to spam making it through)
- make a configuration file—the command line is getting a bit silly
- have the daemon reread the IP whitelist, for on-the-fly updates (due to forgetting about GMail)
- make a
/var/run/<pid>file - if run as root, switch to another user
- report running time on various reports
Next up—getting this implemented on one of The Company's domains.
