Greylisting (WAS: gif attachments)
Logan Shaw
lshaw at emitinc.com
Thu Aug 24 00:52:39 IST 2006
On Wed, 23 Aug 2006, John Rudd wrote:
> I, in turn, found that 90% of what greet_pause was catching was:
>
> a) had no PTR record,
> b) PTR and A record didn't match, or
> c) looked like it's from some ISP's client and/or dynamic host range
> (2 or more octets of its IP address, in decimal or hex format, in
> the hostname, or the words "dynamic", "dsl", "cable", or "dial-?up"
> in the hostname).
>
> I just reject these now, and I lowered my greet_pause to 3 seconds
> (ie. just blocking the slammers).
I, in turn, have yet another approach. I have greet_pause
enabled on the secondary MX but not on the primary MX. A whole
lot of the spam goes to the secondary MX, so this catches a lot.
(And the greet_pause delay on the secondary MX is nice and
long, incidentally.)
If a legit message has made it to the secondary MX, it means
there was already a problem and already a delay, so I don't
really care about the performance and whatnot. The same
reasoning would apply to greylisting, mostly.
- Logan
More information about the MailScanner
mailing list