Re: [bitfolk] Spam overwhelming my mail server

On Sun, Feb 16, 2014 at 11:45:20PM +0000, Ian wrote:
> ed said:
>
> > Alternatively, you could try greylising, 4xx the sending mail server IP
> > for thirty minutes on the first mail seen from it, then allow it. Often
> > this helps as most exploited spam sources don't queue.
>
> Greylisting is my solution. So little gets past it that I don't bother
> with spamassassin. Occasionally, a handful come via a spammer who does
> follow RFCs, but Thunderbird's spam filtering gets them.
>
> postgrey is the package if you're using Postfix on Debian. New sources
> are told 'not yet' for - I think - ten minutes. If they try again after
> that, they get through. But the logfiles are full of spambots that don't
> bother.
>
> I'm very grateful that not everyone does it.

I used greylisting for a while, but I found too many false positives
(for me) with sites that are "legit" but don't work with it. Generally
it seemed to be situations like big sites that would retry from one of a
cluster of MTA boxes.

Do you have any problems? Maybe the world has improved since I last
tried it.

Michael