18 Feb
2014
18 Feb
'14
11:54 a.m.
Michael Stevens <mstevens(a)etla.org> said, in message
20140218112200.GC783(a)ceres.etla.org:
I used greylisting for a while, but I found too many false positives
(for me) with sites that are "legit" but don't work with it. Generally
it seemed to be situations like big sites that would retry from one
of a cluster of MTA boxes.
We discovered the cluster issue back in 2003 when testing the theory. My
solution was to just use the sender/recipient address as the key,
rather than sender/recipient/IP. I also wired in a pattern match to try
to strip out VERP from addresses so they get a free pass through the
greylisting.
Here's what I wrote back in December 2003, after we'd had
greylisting in place for 3 months:
http://users.aber.ac.uk/auj/spam/greydesc.cgi
We kept the system in place for just shy of 10 years and only got
rid of it when we outsourced mail to Microsoft. It was pretty much
self-maintaining.
Cheers,
Alun.
--
Alun Jones, auj(a)aber.ac.uk, 01970 622494
Gwasanaethau Gwybodaeth / Information Services
Prifysgol Aberystwyth / Aberystwyth University