Hi
Carl Inglis wrote:
> When I introduced greylisting here it cut the spam down by 97%.
> Unfortunately I have a number of users who started complaining about the
> delay and that killed the project.
I met with similar resistance so I ended up doing something which I think works quite well. You could limit greylisting to those hosts that act somewhat like spammers but you aren't quite sure enough to drop/deny them outright. I posted an extract from my acls a few weeks ago. Basically, I set acl_cX for certain condions like failures on helo and reverse_host_lookup verification, or appearance on a RBL. Then at acl_rcpt I look at acl_cX and greylist if those variables have anything assigned to them. You may still end up greylisting a valid sender and not greylisting a spammer (who happens not to be on a RBL and has perfect dns entries and says helo nicely) but, by and large, you will stop a lot of spam. Of course, I force greylisting to occur for all aliases and lists that are heavily spammed.
I have also tried greylisting emails without message_ids, etc., at acl_data and use a generic recipient instead of $local_part@$domain.
Hope that helps.
Cheers,
Ryan
