Slightly OT: Greylisting success or failure stories?
Craig White
craigwhite at azapple.com
Sun Feb 6 22:54:58 UTC 2005
On Sun, 2005-02-06 at 14:40 -0600, Jay Moore wrote:
> AFAIK, all greylisting implementations use pretty much the same logic:
> if the tuple (ip addr, from:, to:) is not in the "whitelist", return a
> tempfail (450). A server is automatically "whitelisted" if he tries the
> same tuple after a designated time has elapsed (e.g. 30 minutes). It is
> effective apparently 'cause most spammers don't retry their connections.
---
the entire point of spam is low cost. If the 'cost' is raised, it makes
it less attractive. If a spam server has to keep retrying connections
(the tempfail), it becomes expensive and reduces the amount of mail
xfers that any one computer or server can deliver.
The most effective tools have always revolved around 'tar pits' of some
kind, designed to elevate the cost of delivery. Managing one of these
tar pits has a cost too, as you must have some backend database to
handle the the tuple attempts and whitelisting or even blacklisting. The
cost however seems insignificant compared to the cost of checking each
and every one with spamassassin.
Craig
More information about the fedora-list
mailing list