My own grey listing is far to complex for posting here but with 4.68 and the new noupdate feature in ratelimiting I'd like to suggest hat a simple greylisting system can be implemented. Here's what I propose.
You have 3 IP addresses on the same server and 3 MX records. The idea is that if you touch the lowest 2 MX records you get a 421 error the first time but after that you are cleared for one day. So if the hit the lowest MX then it returns 421 DEFER. But when they retry on the second MX then it accepts. As long as the host sends and email once a day there is not DEFER. If it's longer that once a day then you get a defer once. The idea of having 2 good MX records is that most MTAs (except Qmail) will immediately retry on the next higher MX. In the case of qmail the server will retry in it's normal cycle so the message might be delayed. The third highest MX always returns DEFER 421 and sets another counter that locks the host out for say 30 minutes and all interfaces. Thus spam bot traffic would be greatly reduced. It should be really easy to code this up. But just throwing it out there to see what people think. If you have real backup servers you might configure your MX as follows: 10 pirmary server 20 primary server but different IP 30 secondary server 40 primary server but returns DEFER And you can further reduce botnet spam by adding more fake MX servers on the high end. Who likes this idea? -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
