better blocking at MTA level (off-topic)
Alex Neuman van der Hans
alex at nkpanama.com
Sat May 26 15:53:27 IST 2007
Koopmann, Jan-Peter wrote:
> Attention: Just because you choose 5 minutes does not mean there will be
> a 5 minute delay. Most MTAs I know (at least old Exchange installations
> and yes there are dumb people out there using Exchange as the only MTA!)
> use a 15 minute retry cycle. This results in at least 15 minutes delay
> if not more. And we have several clients not liking that idea. :-(
>
What I've done in the past is to create a report from the MySQL data
gathered by MailWatch installations (even if you don't actively use it,
at least you have a pretty good database that lists all the
characteristics of incoming and outgoing mail) and see, for example,
who's sent the client more than a few e-mails (or who the MX is for
whoever the client sent more than a few e-mails to) in order to
pre-build a "don't use greylisting with" list, and feed it to the
greylist milter. That way at least you begin greylisting "relative
unknowns" and not greylisting "relatively known" senders.
More information about the MailScanner
mailing list