Greylisting.Org >

Whitelisting

ADVERTISEMENTS

When one does greylisting one generally also need to do some whitelisting. Whitelisting basically means having a list of sender email servers (IPs) / sender email addresses that are never refused on first try (as greylisting does). In some cases you might do this because you trust the mailer and do not want to delay whatever mail it sends to you. However, and this is the case to note(!); there are misbehaving mailers (MTAs) out there that will not be able to get a legitimate email through a greylisting server BECAUSE IT DOES NOT TRY AGAIN LATER (as the RFC email server standards defines that it has to do)!. Of course you may say: "f*** them for not adhering to the standards! we do not want mail from them anyway!", however this is a baaaad solution as 1) you may lose important mail this way 2) your clients may lose important mail this way (and they will not appreciate this!). Therefore: Whitelisting is a _must_ for a production server that uses greylisting. Whitelisting some IPs/email addresses generally is included with all greylisting implementations (do not choose an implementation that does not allow you to define some IPs to whitelist!).

Known misbehaving/incompatible mailers (MTAs)

This is an INCOMPLETE list of misbehaving mailers. The list is copied from: projects.puremagic.com/web-svn/wsvn/greylisting/trunk/schema/whitelist_ip.txt. Please let me know if the list is updated and the info on this page does not reflect the updates! To suggest updates for this list please visit the link above.

127.0.0.1 # Of course we don't want to delay ourselves or local users
192.168 # Don't delay our private networks either
10 # Private net (class A)
172.16 # Another private net (inidividual entries, since can't
172.17 # do a /12 netmask easily
172.18
172.19
172.20
172.21
172.22
172.23
172.24
172.25
172.26
172.27
172.28
172.29
172.30
172.31

# Public Servers

12.5.136.141 # Southwest Airlines (unique sender, no retry)
12.5.136.142 # Southwest Airlines (unique sender, no retry)
12.5.136.143 # Southwest Airlines (unique sender, no retry)
12.5.136.144 # Southwest Airlines (unique sender, no retry)
12.107.209.244 # kernel.org mailing lists (high traffic, unique sender per mail)
63.82.37.110 # SLmail
63.169.44.143 # Southwest Airlines (unique sender, no retry)
63.169.44.144 # Southwest Airlines (unique sender, no retry)
64.7.153.18 # sentex.ca (common pool)
64.12.137 # AOL (common pool) - http://postmaster.aol.com/servers/imo.html
64.12.138 # AOL (common pool)
64.124.204.39 # moveon.org (unique sender per attempt)
64.125.132.254 # collab.net (unique sender per attempt)
#64.233.162 # zproxy.gmail.com (common server pool, bad 451 handling?)
#64.233.170 # rproxy.gmail.com (common server pool, bad 451 handling?)
#64.233.182 # nproxy.gmail.com (common server pool, bad 451 handling?)
#64.233.184 # wproxy.gmail.com (common server pool, bad 451 handling?)
#65.82.241.160 # Groupwise?
66.94.237 # Yahoo Groups servers (common pool, no retry)
66.100.210.82 # Groupwise?
66.135.209 # Ebay (for time critical alerts)
66.135.197 # Ebay (common pool)
66.162.216.166 # Groupwise?
66.206.22.82 # PLEXOR
66.206.22.83 # PLEXOR
66.206.22.84 # PLEXOR
66.206.22.85 # PLEXOR
66.218.66 # Yahoo Groups servers (common pool, no retry)
66.218.67 # Yahoo Groups servers (common pool, no retry)
66.218.69 # Yahoo Groups servers (common pool, no retry)
#66.249.82 # gmail (common server pool, bad 451 handling)
66.27.51.218 # ljbtc.com (Groupwise)
#66.89.73.101 # Groupwise?
#68.15.115.88 # Groupwise?
#72.14.204 # qproxy.gmail.com (common server pool, bad 451 handling?)
152.163.225 # AOL (common pool)
194.245.101.88 # Joker.com (email forwarding server)
195.235.39.19 # Tid InfoMail Exchanger v2.20
195.238.2 # skynet.be (wierd retry pattern, common pool)
195.238.3 # skynet.be (wierd retry pattern, common pool)
#204.60.8.162 # Groupwise?
204.107.120.10 # Ameritrade (no retry)
205.188.139.136 # AOL (common pool)
205.188.139.137 # AOL (common pool)
205.188.144.207 # AOL (common pool)
205.188.144.208 # AOL (common pool)
205.188.156.66 # AOL (common pool)
205.188.157 # AOL (common pool)
205.188.159.7 # AOL (common pool)
205.206.231 # SecurityFocus.com (unique sender per attempt)
205.211.164.50 # sentex.ca (common pool)
207.115.63 # Prodigy (broken software that retries continually with no delay)
207.171.168 # Amazon.com (common pool)
207.171.180 # Amazon.com (common pool)
207.171.187 # Amazon.com (common pool)
207.171.188 # Amazon.com (common pool)
207.171.190 # Amazon.com (common pool)
#209.104.63 # Ticketmaster (poor retry config)
209.132.176.174 # sourceware.org mailing lists (high traffic, unique sender per mail)
211.29.132 # optusnet.com.au (wierd retry pattern and more than 48hrs)
213.136.52.31 # Mysql.com (unique sender)
#216.136.226.0 # Yahoo Mail?
#216.157.204.5 # Groupwise?
#216.239.56 # proxy.gmail.com (common server pool, bad 451 handling?)
217.158.50.178 # AXKit mailing list (unique sender per attempt)

Shared automatic whitelists of MTAs

P2PWL (peer to peer whitelisting) is an automatic tool to determine reputable SMTP hosts and whitelist them. The information about reputable SMTP hosts is then automatically shared among other users of the P2PWL tool.

The idea here is to automatically whitelist as many reputable SMTP hosts as possible to limit the amount of mail that is delayed by greylisting.

©2011 Silicon.dk ApS - Privacy Policy
go to the About/Contact page for contact information.