[exim] Re: Greylisting

Top Page
Delete this message
Reply to this message
Author: Kevin Peuhkurinen
Date:  
To: exim-users
Subject: [exim] Re: Greylisting
Sorry for having no In-Reply-To header. Responding to digest.

I've been using greylisting for a few months now, using the
implementation listed here:
http://slett.net/spam-filtering-for-mx/exim-greylisting.html#exim-greylist-mysql

I greylist emails that fall into any of these categories:

1. The sending host gave an IP address in it's greeting rather than a
fully qualified domain name.
2. The sending host gave an FQDN in its greeting that pretended to be
from one of my domains
3. A reverse DNS lookup on the sending host's IP address failed
4. The sending host's IP address is in a range allocated to APNIC or LACNIC

My time settings are 5MIN / 12HOUR, / 36DAY.

The results have been pretty spectacular. Less than 5% of the email
greylisted is retried. The remainder represents more than half of the
spam I recieve, which means that SA has to work 50% less than it
otherwise would.

I'm contemplating adding a fifth condition for greylisting which would
be if the sending host is listed in dul.dnsbl.sorbs.net.