Author: Alan J. Flavell Date: To: Exim users list Subject: Re: [Exim] Greylisting + multiple MX hosts -> multiple attempts
On Tue, 23 Mar 2004, Bruce Richardson wrote:
> Much more difficult? Greylisting seems to assume that the programs
> used by spammers never try to resend.
Not only. It also assumes they won't have appeared in DNSrbls
before the greylisting timeout runs out.
> If greylisting becomes at all common, won't spammers simply adjust
> their programs to retry at least once?
Frankly, all of the measures we're currently adopting are palliatives.
Many of them give those of us who're bothering to put up shields
against spam, a competitive advantage over those who don't. But as
they get more widely adopted, the spammers find new ways to subvert
them (such as the recent fashion for distributing viruses which
install trojans used as spam relays/proxies).
Long term, some much stronger medicine is needed.
But meantime, these palliatives are doing much useful work, and I for
one would not want to be without them.
But to go back to your question: they'd have to retry _and_
guesstimate how long to wait before trying. One of the benefits of a
disorganised response to spam is that we all set different rules, and
a strategy which got the spam through for one victim could equally
land the spammer in a spamtrap with another target. There's strength
in diversity, hmmm?
