The experiment DID stop a few zombies, but not many.
On 12/03/18 02:39, john wrote:
I was just taking a look through my postfix configuration and noticed
that I have a "check_policy_service" for postgrey a greylisting service.
I greylisting still considered worthwhile or should I drop it?
On 12.03.18 09:59, Allen Coates wrote:
Late last year I tried the Postscreen "deep protocol tests" as a
primitive form of greylisting; It was a high-maintenance exercise for
minimal benefit and I have since stopped using it.
I use postscreen's pre-220 tests as primitive form of greylisting.
I have removed the former (real) greylisting when switching to postscreen.
I didn't want to risk remporaty rejection that must happen with deep
protocol tests and any problems resulting from that.
Google and the like, use a different mail server for each connect
attempt. You need an actively maintained whitelist to bypass the
grey-list process.
while it's of course advisable to use whitelists for caces like google and
hotmail, it's usually not necessary with pre-220 tests.
you will of course need whitelisting when communicating with other broken
server, but that applies to any type of mail rejection or spam detection.
Also, (in my case) I was plagued by Ukrainian spamming mail servers;
they just retried and got through.
this (and the above) applies to all types of greylistings.
they are designed to get rid of spambots, not of spam sent through real mail
servers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I'm not interested in your website anymore.
If you need cookies, bake them yourself.
