However do be aware of the pitfalls of greylisting
When greylisting is done well (like postgrey or SQLgrey for postfix),
it's extremely painless, effectively invisible after the first day or two.
And it's incredibly effective.
For one of my high-volume clients who is implementing greylisting
only against IPs without PTR:
%zegrep -ic "temporary failure" /var/log/maillog.0.gz
111599
... total greylist rejects for yesterday.
%zegrep -ic "delayed" /var/log/maillog.0.gz
628
... greylist rejects that were retried and accepted.
That's only 0.56%, and I bet most of them were then rejected next for
failing sender address verification.
When I looked at the average/median greylist-delay for retried msgs,
it was very high, like several hours, another indcation that the
re-trying IPs weren't legit mailservers. Most legit mail servers will
retry within 1 hour.
For greylisting against all IPs, the
not-retried/total-greylist-rejects %age averages about 80% across all
my IMGate clients.
Len
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
