[exim] greylisting and spf

Pàgina inicial
Delete this message
Reply to this message
Autor: Julian Bradfield
Data:  
A: exim-users
Assumpte: [exim] greylisting and spf
I wonder if any of you have done any analysis of how much spam email
is SPF-valid?

For many years, one of my main spam defences has been a reasonably
aggressive greylisting strategy. This works well at never seeing the
spam from the "fire-and-forget" spambots, but it has the downside of
occasionally delaying genuine mail by a few minutes (or up to an hour,
depending on the sending MTA's retry strategy), which is particularly
annoying when the genuine mail is sending me a one-time code.

Of course, the greylisting doesn't work on any spambot that works like
a real MTA and retries.

So I was wondering what difference it would make if I exempted
SPF-valid mail from greylisting. Does one see lots of fire-and-forget
but SPF-valid spam?

(And the reason I'm asking rather than measuring is that I would have
to go to the trouble of setting up SPF - I run Debian, and haven't yet
found the need to switch to stock Exim where SPF is a simpler setup.)

Julian.