spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <h.rei...@thelounge.net>
Subject Re: Is greylisting effective? (was Re: Using Postfix and Postgrey - not scanning after hold)
Date Sat, 30 Jul 2016 01:34:04 GMT


Am 29.07.2016 um 22:48 schrieb Dianne Skoll:
> On Fri, 29 Jul 2016 22:39:15 +0200
> Robert Schetterer <rs@sys4.de> wrote:
>
>>> I don't use postfix or postscreen.
>> hm.. that does not fit the subject..why did you involved yourself ?
>
> I am sorry.  I should have changed the thread subject.
>
>> you may get that quite better, i see
>> a lot of server greylisting useless ,only filling up others queues
>> waiting for a second slot ,so it may only cheap for you but not for
>> your partners
>> Dont slow down communication if you dont need to
>
> So what I didn't mention is that in our implementation, once an IP
> address successully passes greylisting, we no longer greylist it for
> the next 45 days.  (It would probably be pointless... if an IP passes
> greylisting once, it probably will keep passing it.)

that's nothing special and postgrey does the same, the whole point of 
greylisting is that badly written bots don't try again (the same happens 
if they connect to a backup-MX responding with 4xx)

also it don't help for clients which *do not* pass like large senders 
with outbound clusters coming each time from a different IP

hence you skip greylisting based on DNSWL and spf-policyd because that 
big legit senders hit DNSWL or have a proper SPF while random bots of 
infected machines don't and this ones are your target for greylisting




Mime
View raw message