Slightly OT: Greylisting success or failure stories?
Jay Moore
jaymo at mail.bokler.com
Sun Feb 6 20:40:37 UTC 2005
On Thu, 2005-02-03 at 14:49, David Hoffman wrote:
> I looked for any discussion lists about greylisting and haven't found
> any, so I thought I might try asking here.
>
> I'm considering adding greylisting to my postfix configuration, and
> some of the articles I have been reading about greylisting show that
> there can be any of several situations in which greylisting would not
> be a viable solution.
>
> In particular they mention issues with how some MTAs break something
> in the RFC that makes greylisting work, and how receiving mail from a
> site which uses multiple relay hosts (each with a different address)
> can also cause mail to not be delivered.
>
> So I thought I would ask on the list to see if anyone has done much
> with greylisting and found it to be good or bad.
>
> I do also use the DNSBL lists, and some of my accounts also use TMDA.
> What I am hoping for is that with greylisting, I can further reduce
> the amount of spam mail traffic.
In my experience, greylisting is a far more effective solution than
DNSBLs. See the "testimonial" link below :)
http://marc.theaimsgroup.com/?l=openbsd-misc&m=110593836930117&w=2
AFAIK, all greylisting implementations use pretty much the same logic:
if the tuple (ip addr, from:, to:) is not in the "whitelist", return a
tempfail (450). A server is automatically "whitelisted" if he tries the
same tuple after a designated time has elapsed (e.g. 30 minutes). It is
effective apparently 'cause most spammers don't retry their connections.
hth,
Jay
More information about the fedora-list
mailing list