last AprilMartin Blapp has presented a nice concept at SwiNOG:
instead of greylisting, the SMTP server delays the first OK response to HELO/EHLO for 30 seconds. That is usually enough for the vast majority of spambots to give up. Also if the client tries to send something before receiving the OK, the connection is dropped immediately.
Martin implemented this hack in a FreeBSD kernel module. Of course this gives more room for performance, but then it binds the solution to a specific OS and kernel release. I personally feel there's something wrong if the kernel has to deal with an application-level protocol. On the other side, you usually install a dedicated server just for incoming mail processing.
I think there should be ways to do it outside of kernel, in userland, in a nice and efficient way. But I never had the time to dig any deeper :) The biggest challenge is to keep thousands of open TCP connections in the memory and still have enough CPU power to process SMTP and deliver the mail.
cheers, stan
----- Original Message ----
From: Gregoire Galland mlgg@hispeed.ch To: "swinog@lists.swinog.ch" swinog@lists.swinog.ch Sent: Mon, October 19, 2009 6:27:25 PM Subject: [swinog] Greylisting
Hi all!
I was wondering who is using Greylisting in their compangny, and if yes, do they receive any complaints from customers about latency or not deliverance of mail?
Thanks for answer
G.Galland