On Tue, Aug 01, 2006 at 04:33:39PM -0500, Logan Shaw wrote: > However, don't assume that it kills the benefit of greylisting > completely: if you can delay processing that questionable > message for 30 minutes or an hour, that greatly increases the > chances it will end up on a realtime blacklist of some type.
Except now you've also delayed your valid mail by 30 minutes or an hour which sucks (and is sometimes completely unacceptable). > Then the spammer goes for a second pass through the list to > try to defeat greylisting. The servers that had greylisted > the messages will receive it again but will check the > distributed database. The distributed database will have a > zillion reports of suspicious activity from that IP address. > That won't absolutely indicate that the message is spam, > but it might be worth adding a score of 1 or 2 points. Or it's the first time the service sees <insert legit newsletter sender> sending out their newsletters. ;) -- Randomly Generated Tagline: "It's stupid to slap a table ... " - Prof. Long
pgp8HuXONqpSb.pgp
Description: PGP signature
