16 Feb
2014
16 Feb
'14
11:45 p.m.
ed said:
Alternatively, you could try greylising, 4xx the
sending mail server IP
for thirty minutes on the first mail seen from it, then allow it. Often
this helps as most exploited spam sources don't queue.
Greylisting is my solution. So little gets past it that I don't bother
with spamassassin. Occasionally, a handful come via a spammer who does
follow RFCs, but Thunderbird's spam filtering gets them.
postgrey is the package if you're using Postfix on Debian. New sources
are told 'not yet' for - I think - ten minutes. If they try again after
that, they get through. But the logfiles are full of spambots that don't
bother.
I'm very grateful that not everyone does it.
Ian