On Wed, 2008-03-26 at 09:39 -0430, Patrick O'Callaghan wrote: > On Wed, 2008-03-26 at 06:35 -0700, Craig White wrote: > > On Wed, 2008-03-26 at 23:06 +1030, Tim wrote: > > > On Wed, 2008-03-26 at 05:12 -0700, Craig White wrote: > > > > My first 'defense' is greylisting, run as a policy in postfix. > > > > > > Though do so with the knowledge that it may mean some mail never gets > > > delivered/accepted. Greylisting, for both cases of rejecting spam and > > > accepting ham, requires the services sending to you to work in certain > > > way [1], and they don't all do that [2]. > > > > > > 1. They reject the initial attempt, tell the sender to resend later, and > > > accept the resend. > > > > > > 2. Some senders never resend, causing mail to get lost permanently. > > > Some resends come from a different server, and that can get rejected, > > > too - causing long delays, or permanently lost mail. Some resend > > > attempts come after a very long delay, which can be annoying or business > > > destroying, or can cause another reject. > > > > > > I've experienced all of the above bad scenarios. > > ---- > > I had heard that before I set it up but I have been running this same > > setup on servers for 7 separate businesses and besides the initial > > complaints of delays, it has been completely a non-issue. Few delays > > have ever been longer than 30 minutes. > > > > On the other hand, my setup has completely lightened the mail load. > > > > And for an amusing side note to this... > > > > My boss forwarded an e-mail to me which was a newsletter that he gets > > via e-mail. I asked him what he expected me to do with it and he pointed > > out to me a paragraph about their upcoming changes and that subscribers > > should alter their 'filters' to be sure that they receive it. > > > > I pointed out to him that on our network, I don't know of a single user > > that has had to implement 'user level filters' for spam because so few > > spam messages get through (I get about 5 a week and I am a very heavy > > e-mail user). I pointed out that my methodology at the server level has > > been so effective that I have no 'whitelisted' senders, no 'special > > handling rules' at all beyond the high scoring spamassassin filter that > > each user automatically inherits. > > > > He replied back - never mind and later expressed to me that yeah, he > > never gets spam and manages to get all of his e-mail. > > > > Greylisting has been a very effective tool for me and I have had NO > > complaints about it at all. There's actually a way around it in a > > crunch...I've put a 5 minute window. The sender need only wait 5 minutes > > and send the e-mail again which ultimately means that 2 copies show up > > but the second one is delivered immediately and the first one is > > delivered when their SMTP server decides to try again which is almost > > always 15-30 minutes later. > > Greylisting is indeed a very effective and I would say essential tool, > however we're seeing the effectiveness being reduced as time goes on > because spammers are getting smarter. This is an arms race and it's not > going to end in the foreseeable future. ---- ride the wave...agreed on the arms race but so far, greylisting easily skims about 70% of the useless cruft off the top at a very low computational cost. Craig
