Greylisting...
Gordon Colyn
gordon at itnt.co.za
Mon Sep 25 18:58:38 IST 2006
Please can you give me more info on how to do this?
Thanks
Gordon
----- Original Message -----
From: "mikea" <mikea at mikea.ath.cx>
To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
Sent: Friday, September 22, 2006 8:50 PM
Subject: Re: Greylisting...
We're graylisting, using the acme.com graymilter and sendmail, with a
600-second (10 minute) delay, and it works _very_ well. I haven't run
statistics on failure-to-reconnect recently, but saw something like a
60-70% reduction in mail that actually got through that milter to
MailScanner (and SpamAssassin, ClamAV, etc.). That was well worth the
effort.
I did have to whitelist some of our sister agency MTAs that appear not
to do well when presented with
"reject=421 4.3.2 graylisted - please try again later"
but that's typical: of a given set of MTAs, some will be b0rk3n in
one way or another.
We also use greet-pause with a 15-second delay, and that absolutely
works wonders.
An additional sendmail ruleset stops SMTP transactions with MTAs that
HELO/EHLO as our MX, with this message:
"ruleset=check_rcpt, arg1=<recipient_address>,
relay=[relay_IPADDR],
reject=554 5.7.1 Invalid helo rejected; send mail to
abuse at odot.org
if rejected in error - are you really 192.149.244.25"
which stops even more _and_ gives me nice patterns to watch in my maillog
database. But all that's off-topic here, so ask in private mail if you
want more info.
--
Mike Andrews
mikea at mikea.ath.cx, mandrews at odot.org
Information Security
Oklahoma Department of Transportation
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list