And there are various techniques (for example connection rate limits,
response delays, greylisting) that prevent you from "accepting all
mail" and that have zero false positives.
As for greylisting, it's no more true now.
Some large and popular mail sending services started some time ago to
send mail in a way that is incompatible with greylisting. Greylisting
assumes that after first 4xx reject, the sending server will retry: a)
after a few minutes; b) from the same IP address. These services: a)
retry immediately, after 5-10 seconds; b) use different IP address on
each retry and c) give up after a few unsuccessful attempts. Thus it is
possible you never get mail sent from these services if you use
greylisting.
I stand corrected, I shouldn't have mentioned greylisting, I don't have
enough experience of that technique. The two other techniques I mentioned
are still valid; I did experience them in the long term, and they have
zero false positives.
Gregory
