On 30/6/06 11:53 AM, "Howard Lowndes" wrote: > I'm looking at implementing greylisting on a Postfix MTA. > > Looking at the postfix web site there are a number of solutions offered: > gld > SQLgrey > gps > Postgrey > policyd > tumgreyspf > > Would anyone like to share their views on any of these solutions, or on > greylisting itself.
Hi Howard, Grey listing is a great method to take the load off your mail server. I'm the global mail wrangler for the company that pays my salary. Our infrastructure is mostly sendmail with milter-greylist but the same principles apply to Postfix. We started grey listing about 18 months ago and started with a 60 minute back-off period. Spam and virus volume dropped by about 70-80% right away. Then after a few complaints we reduced the back off to 10 minutes. The result? Zero increase in spam/viruses. So recently, as an experiment, we dropped the back off to 1 minute. The result? Zero increase in spam/viruses and the user base is much happier as it seems most of the companies we deal with retry after 3-5 minutes :) Spambots etc just give up on the first failure and move on. This is a good thing for us good guys! We also track the full tuple for 30 days: sender address, recipient address and source SMTP IP address. However some companies have multiple out-bound mail hubs (Novell, HP and Sun and the main culprits) so we imply white-listed their domains, provided the source IP reverse-resolves to their domains. This works a treat, but I haven't found similar feature in Postgrey :( Anyway, that's my experiences with grey listing - it's an extremely effective method to limit your exposure to e-mail botnets. Even if it p155es of the users for a little while :) Cheers, James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
