On Fri, 04 Feb 2005 08:51:04 +0000, Paul Howarth <paul@xxxxxxxxxxxx> wrote: > On Thu, 2005-02-03 at 20:34 -0500, Jeff Kinz wrote: > (snip lots of anti-challenge-response stuff) > > I'd just add to this that challenge-response systems basically just > shift the effort of keeping the user's mailbox spam-free onto other > people. Sometimes it's the sender of a valid mail, sometimes it's an > innocent third party that has received a challenge due to having their > email address forged by a spammer or virus. > Paul emphasizes part of the point I was hoping to make originally. Prior to using TMDA, I had LOADS of spam in several accounts. I did whatever i could to make those accounts as hidden as possible. I never used them in newsgroups or to register at web sites, but soon enough the spam came pouring in. Even with RBLs, I was still getting way too much spam. So I tried TMDA and it has worked great for me. If someone wants to get in touch with me, they almost certainly understand that clicking a link or sending a reply to a confirmation is a good thing and the only ever have to do it one time. The people who get upset about TMDA are the spammers. That being said.... my intention, if I can find a viable solution, was to try using greylisting, followed by RBLs, and then possibly backed up with SpamAssassin or ClamAV. Basically take TMDA out of the picture altogether. The reason I was asking for information was not to start a C/R flame war. It was because some articles on greylisting talk about how non-compliant MTAs can break the greylisting system by NOT sending back legitimate messages after the delay, or by seeing the delay response as an error and reporting it back to the original sender. All I wanted to know is if anyone has seen issues like that and how to get around them.
