Friday, March 21, 2008
The Email Situation
About that email issue …
Our problems all stem from the greylist daemon I wrote. Or more specifically, the interaction between the greylist daemon and sendmail. Or even more specifically, the greylist daemon and the milter library.
As far as I can tell, the problem is: customer uses
Lookout Outlook or Lookout, Exploit! Outlook Express, configured to use SMTP AUTH. Sendmail hands the authentication off to some other process, which okays it, then sendmail hands the request off to the greylist daemon, which, since it's coming from a foreign address, of course greylists it, and the customer gets an error message from Lookout Outlook or Lookout, Exploit! Outlook Express that says, “Try again later!”
And then we (or our resellers) get a call.
What I would like is for sendmail to skip the greylist daemon if SMTP AUTH is being used, but I'm not sure how to apply the clue-by-four to sendmail.
That's separate from the issue that spammers seem to be clueing in to greylisting and are finding ways around it …