Am 30.07.2016 um 03:34 schrieb Reindl Harald: > > > Am 29.07.2016 um 22:48 schrieb Dianne Skoll: >> On Fri, 29 Jul 2016 22:39:15 +0200 >> Robert Schetterer <r...@sys4.de> wrote: >> >>>> I don't use postfix or postscreen. >>> hm.. that does not fit the subject..why did you involved yourself ? >> >> I am sorry. I should have changed the thread subject. >> >>> you may get that quite better, i see >>> a lot of server greylisting useless ,only filling up others queues >>> waiting for a second slot ,so it may only cheap for you but not for >>> your partners >>> Dont slow down communication if you dont need to >> >> So what I didn't mention is that in our implementation, once an IP >> address successully passes greylisting, we no longer greylist it for >> the next 45 days. (It would probably be pointless... if an IP passes >> greylisting once, it probably will keep passing it.) > > that's nothing special and postgrey does the same, the whole point of > greylisting is that badly written bots don't try again (the same happens > if they connect to a backup-MX responding with 4xx) > > also it don't help for clients which *do not* pass like large senders > with outbound clusters coming each time from a different IP > > hence you skip greylisting based on DNSWL and spf-policyd because that > big legit senders hit DNSWL or have a proper SPF while random bots of > infected machines don't and this ones are your target for greylisting > > >
Harald is right, the goal has to be "reject" spam asap, not to tell "come again later", i.e i had 4 bot cons per second, this will run out the system of smtp slots rapidly which means any good sender isnt able to sent mail too, greylisting makes such situations more worst. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
