[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postfix-users
Subject:    Re: Preferred/maintained greylisting options?
From:       Marvin Renich <mrvn () renich ! org>
Date:       2020-05-26 21:11:06
Message-ID: 20200526211106.uib7x2wnh2x7wxum () basil ! wdw
[Download RAW message or body]

* Laura Smith <n5d9xq3ti233xiyif2vp@protonmail.ch> [200524 16:00]:
> > I've been sort of opposed to greylisting in the past due to a
> > userbase that's sensitive to delays, but… the spam is worse.
> 
> IMHO Greylisting is rather pointless. Its a blunt tool, and not only
> that it does that unforgivable thing of annoying genuine people.

I agree that greylisting, as most documentation, blogs, etc, describe
how to configure it, has always been a bad idea, primarily because it
delays most or all mail that is not whitelisted.

However, when I first set up greylisting on my family email server (it
was exim way back then, but has long been postfix), I set it up so that
all incoming mail was sent through spamassassin _during_ SMTP, prior to
accept or reject.  Mail with a high enough spam score was rejected
outright.  I then used greylisting _only_ for email whose spamassassin
score was considered spam, but not high enough to reject outright.

This setup virtually eliminates false positives from spamassassin, and
avoids delaying legitimate email except for the few that would have been
rejected falsely.

Contrary to someone else's experience related in this thread, I still
see a significant amount of spam that greylisting blocks, and extremely
few spammers retry and get through.

I have only had one known case (i.e. someone said they were expecting an
email that they didn't receive) in a very long time where a legitimate
email was greylisted and the sending server did not retry, and that was
recently from an outlook365 server.  Ironically, someone was following
Microsoft's instructions to have an IP address removed from outlook365's
internal RBL, and the message sent by Microsoft failed several of
spamassassin's default tests (way to go, Microsoft!) and their server
never retried (I watched the logs and they did not retry from a
different IP address).  <sarcasm>What a well-run mail system,
Microsoft.</sarcasm>

...Marvin

[prev in list] [next in list] [prev in thread] [next in thread]