On May 21, 2008, at 11:37 AM, John Hardin wrote:
Also consider that greylisting will allow URIBLs time to update even
if all spambots implement retry and thus negate the _original_
intent of greylisting...
The negative effects of greylisting outweight the positive. As a
provider who needs to receive timely problem reports from our
customers, greylisting was impossible for us to use.
Comparing spam catches for greylisting against my personal domains
where I could use greylisting (but all other rulesets being equal) I
found that less spam was caught by SA and the overall load was
somewhat reduced, but the amount of spam reaching the mailbox remained
the same. Over time the load difference reversed as the spambots
started doing retries (often 5-10 within 2 minutes) and the amount of
spam reaching the mailbox remained the same. Greylisting became a
penalty, so I disabled it. Again, without changing the amount of spam
reaching my mailbox.
MailChannel's implementation solves all of the problems we had with
greylisting, while also hitting the botnets where it hurts. It
appears to be a great idea. I need to figure out how to implement it
without breaking our internal auth schemes, but I will be doing so.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness