The following solution solves 99% of the problem:
- IF mail is from a local (or authenticated) client
- AND the sender has already passed "reject_unlisted_sender"
- THEN store the (sender, recipient) pair in a whitelist.
This can be done with trivial modification of an existing greylisting
policy daemon.
Occasionally, a sender or recipient address will become invalid,
or a user mis-types.
To clean out junk, maintain a "last use" time stamp for each (sender,
recipient) pair, and periodically remove entries that are too old.
Or just rename the database late Saturday night and let it re-populate
over time.
Wietse
