Autor: Oliver von Bueren Data: Dla: exim-users Temat: Re: [exim] Preventing Sender Forgery .
Jeroen van Aart wrote: > It looks like you don't have greylisting, I believe adding it as your
> first check will prove to be very effective. It's an inexpensive check
> and will likely block more than 90% of your spam, which includes many
> forged emails.
> Up till now I had no reason to implement Graylisting.
I've considered it but carefully selecting my RBLs and also some
blocking with content scan (e.g. for know URLs of Spamvertising sites)
I've got very few Spam messages getting accepted. False-Positive is no
problem at my site as well.
All these facts lead me to the conclusion, that I don't bother the
hassle to implement Graylisting with all its problems and workarounds
(e.g. big providers like hotmail, ...).
In bare figures this means, of the 5% of accepted mail, get a couple out
more the max. Or in numbers, 50 mails per 1000 tries accepted, thereof
about 1 is spam. That is way too low to justify Graylisting, IMHO.
I won't disclose my exact RBL configuration, but I strongly suggest
everyone uses/buys one of the good DUHL lists to get rid of a lot of
Dialup and other "dynamic" IP addresses like xDSL/Cable/... A few other
well established lists and you reach 90% as well. The rest is fine
tuning and simple content scanning. All with the benefit, if a legit
message gets rejected (at SMTP RCPT TO or the latest after DATA), the
sender gets an error message stating his problem.