Viktor Steinmann wrote:

> On 04.01.2017 08:54, Per Jessen wrote:
>>
>> Is there any point in greylisting genuine mailservers?  We only
>> greylist dodgy-looking setups.
>>
>>
>> /Per
>>
> I don't see how this approach would scale. 

To my knowledge, it scales quite well. We maintain a list of regex
server-name patterns that we consider 'dodgy' as well as a whitelist. 
If a reverse lookup matches one of these patterns, we greylist.  There
are some more checks, e.g. on the HELO, but the reverse mapping is the
main one.  We run this on a cluster of some 45-46 boxes.  The list of
patterns is fairly stable. 


-- 
Per Jessen, Zürich (1.9°C)
http://www.dns24.ch/ - your free DNS host, made in Switzerland.



_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Antwort per Email an