John Hardin wrote:
On Thu, 24 Apr 2008, SM wrote:
It's trivial for malware engines to retry. There isn't any queueing,
as a standard MTA does, being done. This has been happening since
some time. Greylisting only fails if you rely on it to stop spam.
Greylisting, like any other antispam technique, blocks some portion of
the flood. There is no one magic silver bullet.
It is still a useful tool. Greylisting only fails if you rely on it
*alone* to stop spam.
yup.
Interesting that this was posted on the spamassassin users list rather
than on the milter-greylist users list.
Suggestions that I've seen, but not yet tried myself, include using
various dnsrbl's, using a longer greylisting period for certain types of
sites to allow time for them to show up in the dnsrbl's, etc.
In addition, we have started using a lot more of the filtering features
on our mta (sendmail) directly, thus dropping lots of stuff before it
ever reaches milter-greylist or spamassassin. The OP was using postfix,
so someone else will have to provide suggestions there. I would suggest
searching the milter-greylist archives and wiki and going to the postfix
users list and wiki to see what options it may have.
I've got a white board filled with the structure and all the pieces and
interconnections of our mail system's software. Milter-greylist is in
the upper right corner, just above mimedefang and spamassassin. Lots of
other stuff going on. In a spam free world, I wouldn't need that white
board -- think of it as a war room visual aid.
---------------
Chris Hoogendyk
-
O__ ---- Systems Administrator
c/ /'_ --- Biology & Geology Departments
(*) \(*) -- 140 Morrill Science Center
~~~~~~~~~~ - University of Massachusetts, Amherst
<[EMAIL PROTECTED]>
---------------
Erdös 4
