Sendmail: How does one blacklist annoying spammers?

Craig White craigwhite at azapple.com
Sun Jun 27 00:55:52 UTC 2010


On Sun, 2010-06-27 at 10:16 +0930, Tim wrote:
> On Sun, 2010-06-27 at 08:24 +0800, Ed Greshko wrote:
> > A well written greylisting milter will utilize a database to maintain
> > a list of sending MTAs that have retried.  Additionally, the good
> > milters will have the ability to specify whitelists and blacklists.
> > But, even if you don't do the work to populate the lists this mostly
> > results in only the very first message sent by a "trusted" MTA being
> > delayed.  After the initial start-up, training period normal
> > communication proceeds without delay.
> 
> Where greylisting, typically, becomes a cropper is when some *BIG*
> service like Yahoo tries to mail you, gets grey listed, and it spits the
> dummy about not being able to post (some do get pernickety about it,
> with a low threshold for suspending posts that didn't immediately get
> through).
> 
> Or, when it retries, the retry comes from a different server than the
> first attempt, so that gets greylisted.  And your message plays "hot
> potato" through several different servers, each one getting separately
> greylisted.  If you're lucky, eventually it comes back through one that
> your server will allow.  If you're not, it'll go through so many
> attempts that your server disallows it for taking too long, or their
> server aborts attempting because each attempt gets disallowed.
----
I use greylisting on all mail servers that I administrate and I
specifically use one that maintains a list of well known smtp servers
such as yahoo - it's a rather substantial list and maintained so that
pretty much obviates your point #1.

Point number 2 is well taken but in my experience, there aren't that
many times this has come up (only once) and yes, that will cause an
issue but again, I am able to whitelist the range of servers from that
system.

The real point is that greylisting - at least from the servers I
administrate - removes about 70% of the junk spam from ever entering the
mailqueue. I probably clip off another 12-15% with RBLs, requiring
valid HELO from forward/reverse compliant DNS hosts and thus the demands
on my mail servers from scanning with spamassassin and clamav (virus &
phishing) are monumentally reduced.

Craig
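
The greylisting behaviour discussed in this thread, as an added example that is not part of the original messages and not any milter's own code: it replays one message retried from a relay pool against per-IP keying, per-/24 keying, and a whitelisted range. The class and function names, the 300-second delay, and the addresses (documentation ranges) are assumptions; IPv4 only.

```python
import ipaddress

class Greylist:
    """Greylisting decision logic keyed on (client network, sender, recipient)."""

    def __init__(self, delay=300, prefix=32, whitelist=()):
        self.delay = delay        # seconds before a retry is accepted (assumed value)
        self.prefix = prefix      # 32 = exact client IP, 24 = whole /24 (IPv4 only)
        self.whitelist = [ipaddress.ip_network(n) for n in whitelist]
        self.first_seen = {}      # triplet -> time of first delivery attempt

    def check(self, ip, sender, rcpt, now):
        """Return 'accept' or 'tempfail' (an SMTP 4xx reply) for one attempt."""
        if any(ipaddress.ip_address(ip) in net for net in self.whitelist):
            return "accept"       # known-good relay range bypasses greylisting
        net = ipaddress.ip_network(f"{ip}/{self.prefix}", strict=False)
        key = (str(net), sender.lower(), rcpt.lower())
        first = self.first_seen.setdefault(key, now)
        return "accept" if now - first >= self.delay else "tempfail"

def replay(greylist, attempts, sender="alice@example.net", rcpt="bob@example.org"):
    """Feed (time, client_ip) attempts for one message through the greylist."""
    return [greylist.check(ip, sender, rcpt, t) for t, ip in attempts]

# Constructed sample: one message retried every 10 minutes from a relay pool.
POOL_RETRIES = [(0, "192.0.2.10"), (600, "192.0.2.11"), (1200, "192.0.2.12")]
# Constructed sample: a single relay retrying from the same address.
SAME_HOST = [(0, "198.51.100.5"), (600, "198.51.100.5")]

if __name__ == "__main__":
    print("same host, per-IP :", replay(Greylist(), SAME_HOST))
    print("pool, per-IP      :", replay(Greylist(), POOL_RETRIES))
    print("pool, per-/24     :", replay(Greylist(prefix=24), POOL_RETRIES))
    print("pool, whitelisted :", replay(Greylist(whitelist=["192.0.2.0/24"]), POOL_RETRIES))
```

With per-IP keying every retry from a new pool member starts its own delay window, which is the "hot potato" case; keying on the /24 or whitelisting the range lets the message through.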

