Slightly OT: Greylisting success or failure stories?

[David Hoffman]

On Fri, 04 Feb 2005 08:51:04 +0000, Paul Howarth <paul at city-fan.org> wrote:
> On Thu, 2005-02-03 at 20:34 -0500, Jeff Kinz wrote:

> (snip lots of anti-challenge-response stuff)
> 
> I'd just add to this that challenge-response systems basically just
> shift the effort of keeping the user's mailbox spam-free onto other
> people. Sometimes it's the sender of a valid mail, sometimes it's an
> innocent third party that has received a challenge due to having their
> email address forged by a spammer or virus.
> 

Paul emphasizes part of the point I was hoping to make originally.
Prior to using TMDA, I had LOADS of spam in several accounts. I did
whatever i could to make those accounts as hidden as possible. I never
used them in newsgroups or to register at web sites, but soon enough
the spam came pouring in. Even with RBLs, I was still getting way too
much spam. So I tried TMDA and it has worked great for me. If someone
wants to get in touch with me, they almost certainly understand that
clicking a link or sending a reply to a confirmation is a good thing
and the only ever have to do it one time. The people who get upset
about TMDA are the spammers.

That being said.... my intention, if I can find a viable solution, was
to try using greylisting, followed by RBLs, and then possibly backed
up with SpamAssassin or ClamAV. Basically take TMDA out of the picture
altogether.

The reason I was asking for information was not to start a C/R flame
war. It was because some articles on greylisting talk about how
non-compliant MTAs can break the greylisting system by NOT sending
back legitimate messages after the delay, or by seeing the delay
response as an error and reporting it back to the original sender.

All I wanted to know is if anyone has seen issues like that and how to
get around them.