[vox-tech] postgrey is dangerous?
Bill Broadley
bill at cse.ucdavis.edu
Wed Jul 2 00:30:15 PDT 2008
Sorry to comment late, but I figured I'd throw my input in.
First of all the idea behind grey listing is quite sound, it's an official
part of the SMTP standard and anyone who can't deal with it is running a
broken mail server that will fail in many real world scenarios that do not
involve greylisting. A please try again later can come up for numerous
reasons, system load, maintenance windows, system failure, etc.
I've found it to be rather effective, when combined with HELO filtering can be
quite effective at cutting down the amount of SPAM and makes it much easier to
run a mailserver that saves the most cpu intensive SPAM/Virus scanning for the
much reduced traffic that makes it through. This graph is representative
to what I saw:
http://postgrey.schweikert.ch/mailgraph_greylisting.png
The compatibility from what I can see is pretty good, I've seen zero problems
with the bigger systems like yahoo, gmail and the like. Sure some travel
agent running some wonky mailserver that he bought as a turnkey package from
some clueless company 5 years ago might have this incompatibility, but 10%
of his email vanishes into the either because it doesn't handle SMTP properly
in many ways... but typically such folks adapt and will follow up from a gmail
account or something. Real estate agents seem to have similar problems.
Additional documentation for postfix is at:
http://www.postfix.org/SMTPD_POLICY_README.html
The above also includes a sample greylisting daemon if you don't want to use
postgrey.
Other implementations at:
http://www.greylisting.org/implementations/postfix.shtml
More information about the vox-tech
mailing list