> In the case of a greylisting type of solution, it seems that > identification would be especially devastating since the work-around > is so trivial. Unless my understanding is very wrong, the whole > effectiveness of the solution depends on the spammers not realizing > the difference between a "normal" MTA and one that greylists.
If a spammer knows I am running spamd because he can detect it, and then disconnects, no spam makes it througg -- no spam is delivered. There is no workaround for the spammer, except to act as a regular "follow the RFC, and retry", which most of the spammers don't do (and which we want them to do, since then they are easier to fight). In fact, there are spammers who ARE noticing that greylisting servers look (or behave) different, and they are disconnecting and not sending spam through them. Thus, no spam is delivered. But you don't get it, do you? Stopping spam from being delivered is the reason for doing all this in the first place! You have it entirely backwards. I think you had better book yourself into a course on logical thinking.
