gascione wrote: > > We have started using greylistd for a week now and have seen a dramatic > drop in accepted SPAM mail. About 95% at last count. > > We run a very different config from the default. We greylist for 2 > minutes, delete triplets that don't retry after 2 hours, and delete > verified retries after 24 hours.
I think deleting untried triplets after 2 hours is a bit agressive and I've seen zombies retry after 4 minutes. I've seen hosts not retry for longer than 24 hours as well. These limits are fine for a home email server, but I think they are inappropriate for a production environment especially since your greylist doesn't feed a whitelist. As an example: 1. At home, I greylist for 15 minutes and delete and blacklist non-retriers after 24 hours. Retriers get whitelisted, but HELO morphers get re-greylisted. I'm tempted to increase the temporary block from 15 minutes to between 30 and an hour for HELO morphers. 2. In our production environment, we greylist for 4 minutes and remove greylisted entries after 24 hours. Retriers get whitelisted. Be careful that your greylisting doesn't interfere with SAV callouts because you will effectively greylist yourself. Ian -- Ian Freislich -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
