[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postfix-users
Subject:    Re: Preferred/maintained greylisting options?
From:       Håkon_Alstadheim <hakon () alstadheim ! priv ! no>
Date:       2020-05-21 19:20:36
Message-ID: 929d67bc-2c96-374e-6452-17db2d53eca1 () alstadheim ! priv ! no
[Download RAW message or body]


Den 21.05.2020 20:49, skrev Charles Sprickman:
> Hi all,
> 
> I have a site with a very old domain that's at the front of the alphabet. For some \
> reason (age, alphabetical order, ???) that domain gets bombarded with spam before \
> the senders make it onto any of the blacklists I use (even trialed a few for-profit \
> blacklists). Literally some of these miss getting caught by 2-3 minutes. Aside from \
> the general jaw-on-floor reaction I have to just how so many new "clean" IPs are \
> enlisted in these spamming efforts on a daily basis, I was wondering if greylisting \
> might be a good option here. One of the folks that runs the Abusix service \
> suggested this since he pointed out that I'm really missing these spammers by \
> minutes… 
> What is your "go to" greylisting solution these days? My main concerns are that \
> it's something that's well-maintained, does not need babysitting, and is here for \
> the long haul.

Postscreen http://www.postfix.org/POSTSCREEN_README.html#victory with 
some "deep protocol test" will give a slight greylist-like delay. Since 
you already have it, that would be the go-to. Further than that, I don't 
know what is best practice atm, but personally I use rspamd which has a 
greylisting feature.


> 
> I've been sort of opposed to greylisting in the past due to a userbase that's \
> sensitive to delays, but… the spam is worse.
Having the first connect get a 4xx will actually get a lot of spammers 
to just move on and not come back until the next time rent is due. 
Must-have I'd say.


[prev in list] [next in list] [prev in thread] [next in thread]