On Wed, 2004-12-08 at 12:35, Hongwei Li wrote: > > > I do have spamassassin installed, but I'd like to block most spams before > processing them. > Could you please explain milter-greylist little more? Any document or link > is greately appreciated! > > Hongwei Greylisting is pretty simple. When your MTA is contacted there is an exchange of information up front that includes the senders email address and the recipients email address. You also have the IP address of the server contacting you. These three elements form a tuple that is stored in a database of some kind. If this is the first time that tuple has been seen your MTA issues a temporary failure code per the RFC (451 I think). That tells the remote MTA to retry again later. The initial connection is then dropped. The tuple is put in the database with a time stamp. The next time the remote MTA contacts you to send that same message you check the database and if the time out period has expired (this can normally be set by the administrator, by default I think they use 30 minutes but I have found a few minutes to be just as good) that entry is auto whitelisted and the message is accepted. Any additional messages from that same system with the same to and from will not be delayed for however long the tuple is kept in the database. Again this is a settable parameter can be set for several days if you like. You can also autowhitelist known associates or systems so no delays will be incurred by known good MTAs. Most spam comes from zombie systems. These systems do not retry a message if there is a failure, they just move on to the next victim since numbers are the game that they play. I saw a reduction in spam from 3000-6000 a day to 5-10 a day on the system at work. Major savings in time and effort. There are several different implementations of greylisting for all the major MTAs. I liked milter-greylist since it did not require a mysql database like one of the others I looked at. It was easy to implement has has worked very well. Way beyond what I expected. -- Scot L. Harris [email protected] It isn't easy being a Friday kind of person in a Monday kind of world.