On Sun, Jan 29, 2006 at 12:15:13PM +1300, Bojan Zdrnja wrote: > Greylisting works OK at the moment as spammers have no need to go > around it. But, you can be sure that once greylisting reaches critical > level of deployment, spammers will go around it very easy (basically > they just have to modify their applications).
Indeed, I believe that some spammers, accidentally or deliberately, have already done just that. Last summer, I saw pill-spammers sending multiple messages from the same source, with the same envelope, and to the same recipient over about a seven-minute period. This cut through my greylisting quite effectively until I increased the greylist delay. I haven't noticed any viruses yet that are effective at bypassing greylisting - I've only seen a few make it as far as my antivirus in the last few weeks. To get around greylisting, they'd need to dedicate space to keeping track of what sender they used for each recipient. If and when spammers and virus authors do start changing their methods, I predict the use of greylisting to buy time for spam- & virus-traps to feed a good old-fashioned blacklist. -- William Aoki KD7YAF [EMAIL PROTECTED] 5-1924
