At 12:40 PM -0400 4/30/07, Steve Friedman wrote:
On Mon, 30 Apr 2007, Guy Fraser wrote:
On Fri, 2007-04-27 at 22:04 -0400, Tony Nelson wrote:
I will look into greylisting and see what I can come up with.
Greylisting is one of the biggest winners here. We've cut the spam load so much that spam assassin now catches almost nothing.
Also look at Early Talker, called Greet Pause in sendmail. It's when the sender has sent the whole message at once, rather than having a proper SMTP conversation. Such messages can be presumed spam, and discarded with no further action.
Hmm... That looks like a reasonable idea.
The general consensus on the postfix mailing idea is that Greet Pause is a bad idea (TM). What it ends up doing is (a) delay legitimate mail and (b) DoS your own server as you now take longer to handle legitimate mail. Any mail source that would fail greet pause will also fail numerous other checks that don't inconvenience your intended users (and your own system).
Well, don't forget that greylisting will delay each new legitimate mail sender by a while (maybe a few hours), requires maintaining whitelists for the server farms of large email providers (AOL, etc.) or email from them may take much more than 4 hours to get through, and the mail must be handled twice by your server rather than just once.