Salut, Stanislav,
On Fri, 17 Oct 2008 08:42:49 -0700 (PDT), Stanislav Sinyagin wrote:
actually greylisting works pretty well, and the whitelist of exceptions is relatively small (not more than 300 entries as far as I remember). Also if you communicate the value of it to the customers, they tend to agree that having 90% of spam filtered before entering the system is worth waiting for half an hour for email from a new source.
They don't care as long as they receive all mails they want to.
It's also a matter of resources: if you don't want or cannot enable greylisting, you have to invest more resources into a more sophisticated mail filtering software. Even if it's available for free, still developing and maintaining your solution might become too expensive.
I've found a different method to be at least equally time-saving: rejecting SPAM rather than accepting and deleting it. The basic dialog looks about like this:
Out: 220 planck.ngas.ch ESMTP Postfix (2.5.1) In: HELO gurgel.org Out: 250 planck.ngas.ch In: MAIL FROM: blubber@gurgel.org Out: 250 2.1.0 Ok In: RCPT TO: kreisch@ngas.ch Out: 250 2.1.0 Ok In: DATA Out: 354 End data with <CR><LF>.<CR><LF> In: [...] In: . Out: 550 Keep your SPAM to yourself.
The scheme doesn't look as great as it works. The end result is that the spammer learns that the address is not reachable (because permanent errors are usually received for non-existent addresses) and won't retry as frequently as for others.
This keeps the level of incoming SPAM really low. In addition, it has the great advantage that if a sender really happens to fall into the false positive trap, he will discover it immediately by receiving a mail from his own mail server saying that the mail could not be delivered, rather than to notice after days that the other end has deleted or never read the mail.
Greetings from inside the Grenchenbergtunnel,
Tonnerre