[Mimedefang] Pre-Emptive Greylist entries
Gary Funck
gary at intrepid.com
Tue Jan 10 13:18:21 EST 2006
>
> > 2. Something I've toyed with: _if_ the sending relay supports SPF and
> > the SPF validates - accept the mail unconditiionally and
> > don't greylist it.
>
> It is rapidly becoming the case that SPF validation is a
> higher-than-average
> sign of SPAM, since the spammers have more of an incentive to get it right
> than the rest of the world. Don't rely on it, and certainly don't bypass
> greylisting because of it. Effectively, you are trusting someone
> else's DNS
> records when determining whether your policy can be bypassed.
Paul, I appreciate what you're saying above. But isn't it likely that if
spammers
are going to the trouble to add SPF records that they're also going to the
trouble
to retry after a tempfail, and thus defeat greylisting?
The case that I was trying to check for was the case where the spammer
sends through a proxy or a zombie and otherwise impersonates the sender.
More information about the MIMEDefang
mailing list