Re: [exim] greylisting

Top Page
This message is part of the following thread:
M++\the complete thread tree sorted by date
MMMMcjackson at <-
MMAlun at ->
Delete this message
Reply to this message
Author: Chad Leigh
Date:  
To: Steffen Heil
CC: exim-users
Subject: Re: [exim] greylisting

On Jun 14, 2005, at 6:17 PM, Steffen Heil wrote:

> Hi
>
> I am planing some greylisting experiments on my servers.
> So I thought to ask, how other do it (successfully).

I just started about 2 nights ago using the greylisting that sa-exim
(an interface to spamassassin by marc merlin) will do. It basically
only greylists stuff it suspects is spam, overcoming the main
downside to greylisting, which is that your non-spam mail is also
delayed. Here, except for an occasional false positive, normal non-
spam is not greylisted.

The volume of spam that we no longer accept and deliver (scored by
spam assassin for user client filtering of course) has gone down
between 75% and 90%+ it appears. No hard numbers yet but based on
how much ends up in my 4 mail accounts versus previously.

So far I have done a pretty much stock implementation except that the
spamassassin scores used to determine the results for greylisting are
different than the examples sa-exim has in its docs. We count >5 as
spam and >25 as permanent reject...

I am currently saving all permanent rejects in scratch space (they do
not get delivered or anything and the sender is given a 5xx permanent
reject) in case we lose some. We are not saving the temporarily
rejected mail.

Our timeout for resending is currently about 14minutes 35seconds.

We are purging stuff the same way as listed in the sa-exim
greylisting docs.

best
Chad

>
> What do you take into account?
> - Recipient Address ?? - yes, propably
> - Sender Address ??
> - Sending Host ??
> - Sending Host's subnet ??
> - Sending Host's HELO name ??
>
> How long do you accept mails from recorded tuples?
> - 2 hours after first try?
> - 2 weeks after first delivered mail?
>
> After what time do you drop tuples?
> - 7 days?
>
> How do you evaluate that information?
> - exim's included perl?
> - external scripts?
> - localscan extensions?
> - socket_reads for runnings daemons?
> - stored procedures?
>
> (btw, if you read this, Andreas, is there any hope to get interbase
> client
> build into exim in upcoming heavy-daemon-releases?)
>
> Regards,
> Steffen
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/

---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad@???




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-RE: [exim] System filter and message_bodyRe: [exim] Re: cpanel/exim->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)