On Tue, Mar 23, 2004 at 09:35:25AM +0000, Alun wrote:
> We've been running with greylisting in this form since mid September
> and we've had less than 20 complaints about failed legitimate mail (all
> due to bizarre retry behaviour at the other end or ancient, broken MTAs).
> I estimate it's dropped the amount of spam we receive by 85-90%.
I know I announced it recently, but considering the amount of mail here,
some of you may have missed my comments about this, and the SA-Exim
greylisting code that tries to address that.
It seems that greylisting should really be done as a last resort thing
when you're not sure whether you're dealing with spam, or ham
This is what SA-Exim's greylisting implementation does (with SA's help,
most of the greylisting code is actually inside SA, not SA-Exim)
Non spam flows right through (even though it does seed the greylist pool so
that if a spammish mail comes from the same place later, its score can be
dropped somewhat due to the tuplet (env from/env to/connect-ip) being
whitelisted).
You can find more details here:
http://marc.merlins.org/linux/exim/files/sa-exim-current/README.greylisting
http://marc.merlins.org/linux/exim/sa.html
Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger marc_f@??? for PGP key
