[Mimedefang] spamtrap on secondary MX

David F. Skoll dfs at roaringpenguin.com
Wed Nov 24 11:21:01 EST 2004


On Wed, 24 Nov 2004, Aleksandar Milivojevic wrote:

> I'm not particualry fond of gray-listing either.  The amount of spam it
> blocks isn't worth the delay in legitimate email exchange between two
> individuals.

You can refine greylisting to minimize that as we do in our commercial
CanIt product.  Basically, we look at the sender address, recipient
address, and first three octets of the IP address (to handle the "farm
of sending machines" issue.)

The crucial thing to minimize impact is that once a given machine
retries, you remember this and never greylist for that machine for 30 days
or so.  This gives you all the benefits while greatly mitigating delays
of legitimate e-mail.

> There are cuople of filters floating around that implement gray-listing.
> Theoretically, it should be possible to implement it directly in
> mimedefang-filter, but don't know anybody that did that.

I have sample code (not production-ready) in my LISA slides on the MIMEDefang
site.

--
David.



More information about the MIMEDefang mailing list