"John W. Baxter" wrote: > On 10/23/06 11:56 PM, "Johann Spies" <[EMAIL PROTECTED]> wrote: > > > I have not implemented greylisting so far. Maybe it is time to do so. I > > am not quite convinced that it is an unmixed blessing. Can somebody > > convince me? > > It is helpful, but you MUST whitelist sensibly. There are at least > three classes of things in "sensibly" 1. neighbor ISPs and others that > routinely send mail to your users but are not "large and well known". > > 2. large and well known senders which will pass greylisting anyhow > even though spam comes from them (eg hotmail) > > 3. broken sending servers (there is a nice list available somewhere on > the www.greylisting.org site that will serve as a starting point). > > We have just under 700 entries in our whitelist database table.
Here, the greylist feeds a whitelist because any host that passes the greylist test need not ever be greylisted again. My greylist and whitelist detect HELO morphing, so the host gets re-greylisted if the HELO changes. mail=# select count(*) from greylist ; count ------- 48839 (1 row) mail=# select count(*) from whitelist ; count -------- 160828 (1 row) Pretty representative for a few hundred servers. I am willing to share my home (non-work) copy of the greylist source. I find it cuts out a large portion of my spam load. Ian -- Ian Freislich -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
