I do not use postfix but I do greylist so I thought I would chime in
with my opinion.

Greylisting is just one of several tools available to a system
administrator for filtering out spam; like any of the other tools, if
used incorrectly it will be problematic.

I do much cheaper filtering first before the server even considers
greylisting, filtering which does not require calling external tools
and does not require DNS lookups.  That kind of filtering should be done
on messages first as it is cheaper.  Next, I do not greylist every
single email; that would be excessive.  I know some sysadmins do this,
but it would cause too many delays, causing complaints, and increase
server load with more retries.  Instead I greylist emails that come
from servers that fail basic 101 configuration checks, such as a
mismatched/missing rDNS record, or a failed SPF check.  Whilst running
in this configuration for a number of years I have had zilch
complaints of missing emails, only the occasional moan about delayed
emails.  I also configure my servers so that end users who decide to
opt out can opt out: I have a whitelist file with target domains that
will allow these failed rDNS/SPF emails to be delivered immediately,
although they will still be subject to other checks unless whitelisted
in other checks also.

Regarding RBL lists, this one is perhaps not so simple.  I do outright
block emails from certain lists I consider to be very reliable; aware
that occasionally the likes of gmail may find themselves on such a
list, I exclude the major email providers from RBL checks, which of
course also reduces queries sent to those providers.  Plus, as with the
greylisting, customers of mine can opt out of these checks.

List providers with a history of false positives I tend to not use, or I
may use them when they have a record of expiring senders quickly but
only using defer instead of deny, which should make the sender
reattempt delivery later.  I do not yet have an internal scoring
system; the only scoring system I use is spamassassin, which is ok, but
I found over the years it is definitely becoming less effective.

My plan is to combine RBL providers alongside some other spam
networking communities and use a scoring system, so I can do away with
the outright blocking, as although I do not get complaints, I respect
there is always the possibility of false positives.

There is also the option of delaying the incoming server for a few
seconds before allowing it to proceed; this can weed out spammers as
well, who don't like being slowed down so may skip over it.

Chris

On 2 August 2016 at 22:18, John Hardin <jhar...@impsec.org> wrote:
> On Tue, 2 Aug 2016, Benny Pedersen wrote:
>
>> On 2016-08-02 20:00, John Hardin wrote:
>>
>>>  Is there any way to use postscreen as a frontend filter for a sendmail
>>>  MTA?
>>
>>
>> content-filter works nicely in postfix, but that postscreen will not use
>> content-filter to help on its problem
>>
>> postfix can use sendmail as a content-filter
>
>
> Guffaw.
>
>> what goal ?
>
>
> To get the benefits of postscreen without replacing my working sendmail
> install.
>
>
> --
>  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
>  jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
>  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
>   Vista "security improvements" consist of attempting to shift blame
>   onto the user when things go wrong.
>
> -----------------------------------------------------------------------
>  3 days until the 281st anniversary of John Peter Zenger's acquittal
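
The selective greylisting policy described in the message above, as an added example that is not code from the thread or from any poster's configuration. It assumes the rDNS and SPF results are computed earlier and passed in, a 300-second minimum retry delay, and the usual (client IP, sender, recipient) triplet as the greylist key; the class and field names are hypothetical.

```python
import time
from dataclasses import dataclass, field


@dataclass
class Conn:
    client_ip: str
    sender: str
    rcpt: str
    rdns_ok: bool    # assumption: rDNS present and matching, checked upstream
    spf_pass: bool   # assumption: SPF result, checked upstream


@dataclass
class SelectiveGreylist:
    optout_domains: set            # recipient domains from the opt-out whitelist file
    min_delay: int = 300           # assumed delay (seconds) before a retry is accepted
    seen: dict = field(default_factory=dict)  # triplet -> time first seen

    def decide(self, c, now=None):
        """Return 'continue' (go on to the remaining checks) or 'defer' (4xx tempfail)."""
        now = time.time() if now is None else now
        # Well-configured senders are never greylisted.
        if c.rdns_ok and c.spf_pass:
            return "continue"
        # Recipient domains that opted out skip greylisting, not the later checks.
        if c.rcpt.rsplit("@", 1)[-1].lower() in self.optout_domains:
            return "continue"
        key = (c.client_ip, c.sender.lower(), c.rcpt.lower())
        first_seen = self.seen.setdefault(key, now)
        # A genuine MTA retries after the delay; most bulk senders never do.
        return "continue" if now - first_seen >= self.min_delay else "defer"


if __name__ == "__main__":
    # Constructed sample connections (documentation address ranges and domains).
    gl = SelectiveGreylist(optout_domains={"optout.example"})
    bad = Conn("192.0.2.2", "b@bad.example", "u@dest.example", False, True)
    print(gl.decide(bad, now=0), gl.decide(bad, now=400))
```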
