4 Jan
2017
4 Jan
'17
5:57 p.m.
Viktor Steinmann wrote:
On 04.01.2017 08:54, Per Jessen wrote:
Is there any point in greylisting genuine mailservers? We only greylist dodgy-looking setups.
/Per
I don't see how this approach would scale.
To my knowledge, it scales quite well. We maintain a list of regex server-name patterns that we consider 'dodgy' as well as a whitelist. If a reverse lookup matches one of these patterns, we greylist. There are some more checks, e.g. on the HELO, but the reverse mapping is the main one. We run this on a cluster of some 45-46 boxes. The list of patterns is fairly stable.
--
Per Jessen, Zürich (1.9°C)
http://www.dns24.ch/ - your free DNS host, made in Switzerland.