On 9-nov-2006, at 16:17, Randal, Phil wrote:
As someone has probably already pointed out... admins use these
lists because they trust their accuracy. If they receive too
many complaints (as we did with a particular DNSBL) you stop
blocking on that list and move to only scoring.
No, you move on to greylisting based on the less accurate DNSBLs.
milter-greylist 3.0rc6 supports DNSBL-based greylisting, and it
works a
treat here. Because it is greylisting and not blacklisting, no
legitimate mail gets blocked.
If you use short greylisting periods legitimate emails should get
through on the second attempt.
I agree with Phil. DNSBL based blacklisting has its pitfalls. So does
greylisting. Combining the two of them seems like a smart thing to do.
I am absolutely loving Ian Campbell's maRBL right now:
http://www.orangegroove.net/code/marbl/
This is used to implement selective greylisting in Postfix, based on
DNSBL hits. If you combine this with Mark Martinec's p0f-patch
(http://archives.neohapsis.com/archives/postfix/2006-11/0577.html),
which extends maRBL with the ability to greylist Windows clients,
you get a pretty powerful tool. It is also quite easy to set up.
Also, it is great fun to see spam being blocked (greylisted), just
because it is sent from a Windows box :-)
Nov 10 18:00:57 leander marbl: p0f collect: max_wait=0.050,
24.206.74.214 364389373 Windows XP ... => Windows XP Pro SP1, 2000
SP3, (distance 16, link: ethernet/modem)
Nov 10 18:00:57 leander marbl: Action for 24.206.74.214
([EMAIL PROTECTED]): greylisting
Leander
