[Mimedefang] Re: Justifying greylisting to management
David F. Skoll
dfs at roaringpenguin.com
Mon Feb 27 13:21:11 EST 2006
Gary Schrock wrote:
> Hey David, any idea what percentage of the spam that's blocked this way
> would also end up blocked by spamassassin?
I would expect most of it, but I've never measured.
> Other than a resource issue in running SA, it would seem to me once
> you accept the data phase, if most of the stuff is going to be
> marked anyways, then at worst all you're doing is adding more tagged
> spam to the mix.
We use greylisting for a number of reasons:
1) It gives DNS-based RBLs a chance to catch up with spammers who stay on
a given IP address. This makes it more likely that SA will catch the spam.
2) It's very cheap.
3) We are toying with the idea of auto-training greylisted messages that
are *not* retried as spam. Basically, this lets us use spammer
behaviour to better detect spammer content. We still haven't actually
done this yet, but it seems like it might be a good idea.
Regards,
David.
More information about the MIMEDefang
mailing list