"John W. Baxter" wrote:
> On 10/23/06 11:56 PM, "Johann Spies" <jspies@???> wrote:
>
> > I have not implemented greylisting so far. Maybe it is time to do so. I
> > am not quite convinced that it is an unmixed blessing. Can somebody
> > convince me?
>
> It is helpful, but you MUST whitelist sensibly. There are at least
> three classes of things in "sensibly" 1. neighbor ISPs and others that
> routinely send mail to your users but are not "large and well known".
>
> 2. large and well known senders which will pass greylisting anyhow
> even though spam comes from them (eg hotmail)
>
> 3. broken sending servers (there is a nice list available somewhere on
> the www.greylisting.org site that will serve as a starting point).
>
> We have just under 700 entries in our whitelist database table.
Here, the greylist feeds a whitelist because any host that passes
the greylist test need not ever be greylisted again. My greylist
and whitelist detect HELO morphing, so the host gets re-greylisted
if the HELO changes.
mail=# select count(*) from greylist ;
count
-------
48839
(1 row)
mail=# select count(*) from whitelist ;
count
--------
160828
(1 row)
Pretty representative for a few hundred servers. I am willing to
share my home (non-work) copy of the greylist source. I find it
cuts out a large portion of my spam load.
Ian
--
Ian Freislich
