Viktor Steinmann wrote:

> On 04.01.2017 08:54, Per Jessen wrote:
>> Is there any point in greylisting genuine mailservers?  We only
>> greylist dodgy-looking setups.
>> /Per
> I don't see how this approach would scale. 

To my knowledge, it scales quite well. We maintain a list of regex
server-name patterns that we consider 'dodgy' as well as a whitelist. 
If a reverse lookup matches one of these patterns, we greylist.  There
are some more checks, e.g. on the HELO, but the reverse mapping is the
main one.  We run this on a cluster of some 45-46 boxes.  The list of
patterns is fairly stable. 

Per Jessen, Zürich (1.9°C) - your free DNS host, made in Switzerland.

swinog mailing list

Antwort per Email an