I really think spammers don't give a damn about coming back to deliver e-mail properly. The new breed of spammers uses botnets to deliver their crap. And since those systems are not theirs and that bandwidth is not theirs, they write software to act as a proper mail server. That means, they come back when mail isn't properly delivered.
Downside is: a) The botnet pc is getting whitelisted b) The system administrator has to manually take it off the whitelist and put it on the blacklist (I have written a shell script to take care of this) c) Your users are bothered with crap Agreed, not all spammers are using botnets, thank god. However, the spammers that do cause most of our and our users' irritation. One solution would be to check if the delivering IP Address has a logical name like: mail. smtp. mx. etcetera But..not all mail servers are setup like that. So, I will get a lot of users complaining e-mail doesn't reach them and it will cost me about the same amount of time to explain it to my users and whitelist the IP Address. A solution I think would be a step in the right direction is providers making international agreements. First rule would be: Home users should NOT have access to port 25 and may only use the provider's mail server. That would block a lot, and I do mean a lot, of the spam. Only on request, port 25 could be opened. Second rule: Those who do send spam should be blocked from sending e-mail until they have cleaned their system. And I know, most people that are infected by a Trojan sending spam, do not know how to get rid of it. Providers should deliver some kind of support to those people. Other upside is; you'll educate users. Well, there you have it.... my opinion. On Friday, February 2, 2007, 04:02:38, Gregory Edigarov wrote: > ... > Yeah, greylisting is good, but this is for only short while, I am > afraid. My measurements telling me that spamers are adapting quicker > then somebody expected. > > It seems like their soft started analyzing the return codes, and so > they are resending their mail after a short while. So I think > blacklisting is still in rule. But having to queue, wait, and resend a) cuts down on the crap/hour they can send b) their IP might be on a blacklist the second time they try -- [EMAIL PROTECTED] "The avalanche has already started, it is too Rod Dorman late for the pebbles to vote." - Ambassador Kosh