On Mar 28 12:52:46, [email protected] wrote:
> Hi all,
>
> I had a question about greylisting (with spamd) in production.
>
> I've successfully run spamd on firewalls (as a frontend to either barracuda
> or SpamAssassin) and have really liked the reduction in SPAM volume.
>
> Unfortunately my employer's wife does not like the delays that this
> introduces into our mail delivery, since she uses email for quick turn-around
> communication.
>
> The main problem occurs with senders like Gmail, yahoo, hotmail, etc. ...i.e.
> all the senders that have large farms of smtp servers from which they can
> retry delivery after initial greylisting delay.
>
> I know this means I'm not doing proper whitelisting of those major sender
> domains, but I'm at a loss on how to best construct and maintain such a
> whitelist.
> Are there any up-to-date lists that already track
> the MTAs of these large mail providers?
For e.g. google, I did
dig -t txt _netblocks.google.com | grep spf
and put the following in /etc/mail/nospamd
173.194.0.0/16
209.85.128.0/17
74.125.0.0/16
12.31.165.64/27
208.48.95.16/28
216.34.181.0/24
I left out 64.18.0.0/20 and 207.126.144.0/20
as they were sending me a lot of spam.
These lists could change of course,
but I never got to automatizing it.
Jan
