OSEC

Re: Delayed mail may be greylisting

From: /dev/rob0 (rob0gmx.co.uk)
Date: Wed Aug 16 2006 - 09:41:47 CDT


> On Aug 16, 2006, at 9:28 AM, Philip Reynolds wrote:
> >> What about if the spammers use an MTA to send their emails, in this
> >> case the retry procedure will work for them and at the same time
> >> the users can feel the delay and complain about that.
> >
> > Greylisting isn't a complete solution. It's meant to handle
> > situations where spammers send directly to your mailserver using
> > broken software.

Let's divide it as Spamhaus does, XBL and SBL. XBL hosts are exploited
hosts which belong to non-spammers. Most of those are using Windows
viruses to send their spew. A virus has to remain small to try to avoid
detection as long as possible. Greylisting is very effective against
such zombie spew, and I think it will continue to be so.

SBL hosts are where spammers have paid a provider and are operating
from a set of static IP addresses. In this case they're using their own
machines, and almost certainly using a "real" MTA. Greylisting is not
effective against these hosts.

On Wednesday 16 August 2006 09:04, Jason Pruim wrote:
> So a good combination of greylisting/SpamAssassin/RBLs would catch
> the vast majority of spam if I am understanding this all correctly?

HELO checks (reject your own IP and domain name[s]) first, and yes,
it's not difficult to turn away the majority of spam. IMO it is worth
some extra effort to subject suspicious hosts (dynamic and end user IP
address space) to more scrutiny, since the vast majority that comes
from there is viral spew.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
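
The ordering described in this message (HELO check first, then greylisting), as an added Python example that is not part of the original post and is not any MTA's own code. The domain names, IP addresses, 300-second delay, reply strings and all function names are assumptions chosen for illustration.

```python
import ipaddress

# Assumed local identity (constructed values from documentation ranges).
MY_DOMAINS = {"example.com", "mail.example.com"}
MY_IPS = {ipaddress.ip_address("192.0.2.10")}
GREYLIST_DELAY = 300  # assumed: seconds before a retry of a new triplet is accepted


def helo_is_forged(helo: str) -> bool:
    """True when the HELO/EHLO argument is one of our own names or IPs."""
    name = helo.strip().rstrip(".").lower()
    if name in MY_DOMAINS:
        return True
    # Address literals look like [192.0.2.10] or [IPv6:2001:db8::1];
    # some clients send a bare IP instead.
    literal = name.strip("[]")
    if literal.startswith("ipv6:"):
        literal = literal[5:]
    try:
        return ipaddress.ip_address(literal) in MY_IPS
    except ValueError:
        return False  # an ordinary hostname that is not ours


class Greylist:
    """Temp-fail the first attempt of each (client IP, sender, recipient) triplet."""

    def __init__(self, delay: int = GREYLIST_DELAY):
        self.delay = delay
        self.first_seen = {}  # triplet -> time of first attempt

    def check(self, client_ip: str, sender: str, rcpt: str, now: float) -> str:
        triplet = (client_ip, sender.lower(), rcpt.lower())
        first = self.first_seen.setdefault(triplet, now)
        if now - first < self.delay:
            # A real MTA queues the message and retries; zombie senders usually do not.
            return "450 4.7.1 Greylisted, try again later"
        return "250 OK"


def policy(gl: Greylist, client_ip: str, helo: str, sender: str, rcpt: str, now: float) -> str:
    """HELO check first (permanent reject), then greylisting (temporary failure)."""
    remote = ipaddress.ip_address(client_ip) not in MY_IPS
    if remote and helo_is_forged(helo):
        return "550 5.7.1 HELO rejected: you are not " + helo
    return gl.check(client_ip, sender, rcpt, now)
```

A static-IP sender running a real MTA passes both checks after its first retry, which is why the message pairs these with blocklists and content filtering.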