Matt wrote: > I wrote a perl script that whitelists any servers from greylisting for > 6 months that send a message that scores less then 1 by spamassassin. > If it later sends a message that scores greater then 5 it is removed > from the whitelist. Works great. After having a few months to learn > almost no legitimate servers are greylisted.
Milter-greylist can do that too. I haven't had the time yet, but I'll be eventually moving my relays to use milter-greylist for greylisting AND spamassassin, which would also let me mix and match. That could look something like this in your greylist.conf: dacl whitelist spamd < 1 dacl blacklist spamd > 8 msg "Message blocked for spam content." dacl greylist spamd > 5 That last line shows what the milter can do, though I wouldn't combine the two like that. The development version can also tarpit (which I would combine with SA) ... see this commercial tarpit's explanation: http://mailchannels.com/literature/osterman-research-traffic-shaping.pdf Big benefit here: that's an SMTP-time REJECT command (which spamass-milter also does, but amavis, mailscanner, and procmail+spamc do not). It generates a bounce from the sending server (read: *not* backscatter), so senders will always know if their message has not been delivered (and smarter mailing lists, including some that spammers use, will auto-unsubscribe a bouncing email account). I flag at 5 and reject at 8. Users can then filter/delete flagged mail as they see fit without being overwhelmed by volume. I consider this feature mandatory.
