Scot L. Harris wrote: > Besides that TMDA systems is not a good solution for fighting spam. > greylisting at the MTA and spamassassin will block 99%+ of the spam out > there and does not require the additional network bandwidth and handling > that TMDA systems do. Hmm. Greylisting picks up on something that spammers do not do but normal MTAs will: spammers (at the moment) don't bother retrying. I strongly suspect that if greylisting became sufficiently common, spammers would adapt. They have adapted to fight other anti-spam methods (hence the bad spelling and miscellaneous words in most spams). That means that it's in everyone's interests that a variety of anti-spam measures should be in use in different places: it makes the spammers' lives harder. It means that it's in *your* best interests that not too many mail servers should use greylisting. Otherwise there's too much of a target for spammers to attack (by implementing retrying, like the RFC says). There's no doubt that a whitelist + confirmation emails don't work for mailing lists. They probably wouldn't work for most people. They undoubtedly *do* stop virtually all spam (and lots of legitimate e-mail as well). They have their place, which is well away from mailing lists, and for people who only want to hear from a pretty fixed, closed circle. James. -- E-mail address: james | Please do not put sandwiches in the disk drive. @westexe.demon.co.uk |
