> From: "Terry ( 1stKMH )"
> Ive been using this
>
> deny message = inconsistent or no DNS reverse entry for
> its been working well for dropping
> lots of spam but ive also had the odd false positive
In case of no hostname I greylist instead of deny. I greylist
only suspicious mail (including cases of no hostname), not all mail.
You can use config excerpts I attached to
http://wiki.exim.org/DbLessGreyListingRun
> From: Dean Brooks
> I personally think it's better to use a defer in this case, rather than
> a deny, to deal with intermittent DNS failures of some sort.
In case of false positive (inconsistent DNS of a legitimate sender)
the defer will be repeated for several days, until sender gives up,
only then sender will be notified. Greylisting deals with intermittent
DNS failures without creating so long delay. I greylist for only 3 minutes,
in practice it means that a false positive will be deferred until
next retry - no more than half hour.
> you will need to have enabled "LOOKUP_DNSDB=yes" in the
> Exim Makefile during compilcation for access to the dnsdb lookup mechanism.
> I rather wish it was enabled by default, as it's quite useful for certain
> types of lookups.
The variant of greylisting above doesn't requite recompilation.
Lena
