Jeroen van Aart wrote: > It looks like you don't have greylisting, I believe adding it as your > first check will prove to be very effective. It's an inexpensive check > and will likely block more than 90% of your spam, which includes many > forged emails. > Up till now I had no reason to implement Graylisting.
I've considered it but carefully selecting my RBLs and also some blocking with content scan (e.g. for know URLs of Spamvertising sites) I've got very few Spam messages getting accepted. False-Positive is no problem at my site as well. All these facts lead me to the conclusion, that I don't bother the hassle to implement Graylisting with all its problems and workarounds (e.g. big providers like hotmail, ...). In bare figures this means, of the 5% of accepted mail, get a couple out more the max. Or in numbers, 50 mails per 1000 tries accepted, thereof about 1 is spam. That is way too low to justify Graylisting, IMHO. I won't disclose my exact RBL configuration, but I strongly suggest everyone uses/buys one of the good DUHL lists to get rid of a lot of Dialup and other "dynamic" IP addresses like xDSL/Cable/... A few other well established lists and you reach 90% as well. The rest is fine tuning and simple content scanning. All with the benefit, if a legit message gets rejected (at SMTP RCPT TO or the latest after DATA), the sender gets an error message stating his problem. Oliver -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
