Hello. While trying to help get mail flowing over at gnome.org, I noticed that gnome.org isn't using greylisting.
For those who isn't sure what this is about, read http://en.wikipedia.org/wiki/Greylisting >From what I've seen, some people seem to have something against it. Not sure what though, since you only get a delay for the -first- mail with a certain triple (sender, recipient, sender ip). The rest is let through immediately (after an X minute waiting period for the first mail). If some mail is lost due to greylisting, that mail could have been lost in regular mail flow as well. Using greylisting cuts away lots of virus and a large amount of spam as well. Granted, it does not stop all - but it sure helps. Examples on how it worked out for me at two systems: http://support.cs.umu.se/stats/mail/ http://www.acc.umu.se/~project/mailgraph/ Check the bottom graphs and guess when we started using greylisting. At those systems, we use (just like at gnome.org) postfix with amavisd [sa + clam].. Then we added postgrey.. Needed changes in postfix was: main.cf: smtpd_restriction_classes = greylist greylist = check_policy_service inet:127.0.0.1:10026 127.0.0.1:10026_time_limit = 3600 smtpd_recipient_restriction = ...... everything like now, but as last entry before the mail is supposed to be accepted ... check_recipient_access hash:$config_directory/access_recipient access_recipient (new file or so): # example of exception from greylisting [EMAIL PROTECTED] DUNNO # gl the rest gnome.org greylist If you want to try on a single user first, don't use the domain catch-all in access_recipient and put a specific recipient there instead. mneptok said I should mail this here. Flame him etc ;) /Tomas -- Tomas Ögren, [EMAIL PROTECTED], http://www.acc.umu.se/~stric/ |- Student at Computing Science, University of Umeå `- Sysadmin at {cs,acc}.umu.se _______________________________________________ Gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
