That being said.... my intention, if I can find a viable solution, was to try using greylisting, followed by RBLs, and then possibly backed up with SpamAssassin or ClamAV. Basically take TMDA out of the picture altogether.
The reason I was asking for information was not to start a C/R flame war. It was because some articles on greylisting talk about how non-compliant MTAs can break the greylisting system by NOT sending back legitimate messages after the delay, or by seeing the delay response as an error and reporting it back to the original sender.
All I wanted to know is if anyone has seen issues like that and how to get around them.
I think most of the issues you're likely to run into have already been mentioned. If you keep an eye on your mail logs for a while after implementing greylisting then you're likely to spot any problem.
However, I think greylisting is only a short to medium term solution. As soon as someone really big (e.g. AOL or hotmail) implements greylisting, the spammers will evolve their software to handle it, and you'll be back where you started. This isn't going to be a big problem for them, but it's just not worth the effort for them at the moment, as relatively few sites are using greylisting.
Paul.
