On Thu, 2005-02-03 at 14:49, David Hoffman wrote: > I looked for any discussion lists about greylisting and haven't found > any, so I thought I might try asking here. > > I'm considering adding greylisting to my postfix configuration, and > some of the articles I have been reading about greylisting show that > there can be any of several situations in which greylisting would not > be a viable solution. > > In particular they mention issues with how some MTAs break something > in the RFC that makes greylisting work, and how receiving mail from a > site which uses multiple relay hosts (each with a different address) > can also cause mail to not be delivered. > > So I thought I would ask on the list to see if anyone has done much > with greylisting and found it to be good or bad. > > I do also use the DNSBL lists, and some of my accounts also use TMDA. > What I am hoping for is that with greylisting, I can further reduce > the amount of spam mail traffic. In my experience, greylisting is a far more effective solution than DNSBLs. See the "testimonial" link below :) http://marc.theaimsgroup.com/?l=openbsd-misc&m=110593836930117&w=2 AFAIK, all greylisting implementations use pretty much the same logic: if the tuple (ip addr, from:, to:) is not in the "whitelist", return a tempfail (450). A server is automatically "whitelisted" if he tries the same tuple after a designated time has elapsed (e.g. 30 minutes). It is effective apparently 'cause most spammers don't retry their connections. hth, Jay
