I still greylist everything without DKIM signature or with non-matching DKIM signature. If you run an email based 2FA service you definitely should properly sign your emails. And a user runs 2FA emails through a forwarding service and breaks DKIM in the process, I do not think it's me who should change their habits.
I haven't looked through stats lately but I do not do content based filtering and there are still lots of botnet spam attempts that do not retry when rejected. I use DNSBLs, manual blacklisting and greylisting, and all of these do catch a lot of spam. The spam I do not catch is usually sent from Google or Microsoft. On Thu, 27 Nov 2025 at 12:42, Christof Meerwald via mailop <[email protected]> wrote: > > On Thu, Nov 27, 2025 at 12:01:13AM +0000, Kyrian (List) via mailop wrote: > > What's the consensus? In times where 2 factor authentication emails are > > frequently completely pointless trying to go through greylisting where they > > are delayed beyond their timeouts. But where spammers obviously still > > persist. Is it still worth trying to greylist, or rely on other methods > > instead? Is it the case where SMTP-time spam/virus scanning is a necessity > > and greylisting should be removed? How do other folks on the list balance > > out this conflict in their systems? > > I am using greylisting only for cases where something looks suspicious > (no Reverse DNS, no TLS, DNSBL, ...), so most non-spam emails go > through without delay. And there are still some spam senders who don't > seem to retry (and if they to retry, the delay might also help get > better data from DNSBLs). > > > Christof > > -- > https://cmeerw.org sip:cmeerw at cmeerw.org > mailto:cmeerw at cmeerw.org xmpp:cmeerw at cmeerw.org > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
