* on the Fri, Feb 09, 2007 at 09:54:42PM +0000, Mike Cardwell wrote:
> I'm currently experimenting with reducing the amount of greylisting
> being performed. My logic is currently as follows:
>
> 1.) We only want to greylist spam zombies
> 2.) We'll greylist everything, with exceptions so we don't miss anything
> 3.) Spam zombie software doesn't use TLS, so don't greylist on encrypted
> connections.
> 4.) Spam zombie software probably doesn't use stuff like the SIZE
> service extension, so don't greylist hosts that use it.
98 hosts failed greylisting. Every single one of them didn't send a SIZE
param with the mail from.
16 hosts passed greylisting. 12 of them sent a SIZE param with the mail
from.
I know those figures are low so should be taken with a pinch of salt,
but it definitely suggests to me that hosts that use the SIZE extension
can be safely discounted from being greylisted.
Mike
