> Oh, I'm not saying it doesn't work. What I'm saying is, greylisting
> is trivial to bypass, and some spammers have figured that out.
> Amazingly, most of them still haven't, which is why it still works in a
> significant number of cases.
>
greylisting does what it does. It delays the initial email
for 30 minutes or more. what you do with that 30 minutes will decide
on how effective it is for you.
In that 30 minutes)
1) you can look at their traffic profile and decide you don't want to
talk to them.
2) they can hit a greytrap locally and you can decide you don't want to
talk to them.
3) they can hit a bogus domain mx'ed to you locally and you can decide you
don't want to talk to them.
4) optionally, if you check the greylist against valid local mail addresses,
you could trap them if they're mailing to bogus local addresses (we do that
here)
5) 1-4 could happen above at someone elses site (like nixspam or uatraps) that
you are using as a blacklist.
And in the end some of it gets through. That's why you run other
stuff in addition to spamd if you really can't stand that.
spamd is designed to get the low hanging fruit. It is *NOT* designed
to stop all possible spam, forever. attempting to do so there is wrong. Spamd is
a *tool* - it's good for what it's good for - stopping stuff that is easily
identifiable in the smtp dialogue. It is not intended for other things.
-Bob
