On Fri, Jun 20, 2003 at 09:09:54PM -0700, Jim Winstead wrote: > here's a paper on 'greylisting', which is a slightly sophisticated > variant of the first-time denysoft plugin. > > the basic addition is that it takes the sender and recipient into > account. i guess this would solve the problem of a spammer hitting > multiple addresses from a single ip.
It also makes it much harder for spammers to work around - with the simpler denysoft it's sufficient to send out one 'pre-spam' mail per domain to bypass the plugin. The greylisting paper also uses a nice series of timeout periods instead of connection counts or rates, which initially again looks more robust. Cheers, Gavin
