[Mimedefang] Justifying greylisting to management

[Jeff Rife]

After installing milter-greylist on my personal e-mail server, 
identified spam and viruses dropped dramatically (down to between 10-
20% of previous levels).

But, I absolutely can't get the PHBs at my work to approve of a full 
install there (currently I just greylist anything addressed to me) 
because "critical e-mail might be delayed".  After much thought, I 
realize there is no way I can fight this particular issue, because no 
matter how much whitelisting you do, it could happen.  For the same 
reason, even an "opt in" approach isn't likely to happen, since the 
PHBs feel that individual employees aren't smart enough to be able to 
judge if they might need to receive a "critical" e-mail.

Still, if I had some real-world examples of largish *businesses* that 
use greylisting, I could use that to convince them that other 
successful businesses see it as something that they can afford to do.  
Universities and other places where e-mail is a privilege (in a sense) 
wouldn't do a lot to sway them, but ISPs (who could lose customers 
because they don't want e-mail delays) would probably help.

I've done a few Google searches, but haven't found anything large and 
specific enough to really give me ammo.  I don't want to violate any 
NDAs, or intrude on privacy, but any pointers at all would be 
appreciated.

Thanks to all in advance.


--
Jeff Rife |  
          |              Visualize Whirled Peas