Preston,

I do not believe that spamd can deliver mail on the first attempt. Hosts
like Southwest Airlines and a few others only attempt to send mail _once_
and never try again. Even worse are hosts that use unique From: addresses on
every attempt and thus never get white listed. Other hosts only retry the
delivery of mail once or twice in a four(4) hour period. I understand your
dilemma especially if you work in marketing.

Spamd needs to know about the host trying to deliver the mail before it can
white list the host. Normally, the remote host would need to connect to
your mail host at least three times before the mail can be delivered. For
example:

  attempt 1: host is GREY listed
  attempt 2: host is WHITE listed
  attempt 3: host connects to the real mail server to deliver its mail

We have written Perl scripts to watch the spamd logs and add remote hosts
that send to valid email addresses to the white list. This will reduce the
number of attempts the remote host needs to make down to two:

  attempt 1: host is GREY listed by spamd _and_ WHITE listed by our script
  attempt 2: host connects to the real mail server to deliver its mail

The speed at which the email is delivered is dependent on the retry rate of
the remote host. This is still not a perfect solution.

Now, you could try to collect a white list of hosts you always accept mail
for, but the problem is your users want to accept mail quickly from all
hosts.  If your business is highly dynamic and you accept email from new
potential clients all the time then this method is not really that helpful.

If anyone has any other ideas on this topic I would also be interested in
hearing them.


Hope this helps.

  Spamd tarpit/greylisting anti-spam "how to"
  http://calomel.org/spamd_config.html

--
  Calomel @ http://calomel.org
  Open Source Research and Reference


On Tue, Apr 15, 2008 at 10:48:47AM -0500, Preston Kutzner wrote:
>I'm hoping someone can help me by answering a couple of questions
>regarding spamd.  Ultimately, I'm wanting to know if the spamd setup
>I'm envisioning is possible.  I'll explain the situation.
>
>To begin, we attempted a typical setup of spamd in greylisting mode on
>our firewall in front of our MX.  This worked great and was catching
>lots of spam, for around 48 hours.  During this time, we (IT Dept.)
>got several complaints about delayed delivery of emails from our
>clients.  This was mostly due to impatient recipients within our
>organization.  However, as a result, we were told, by executive order,
>to shut down the greylisting.  Apparently the greylisting, in doing
>what it's supposed to do, was "disrupting time-sensitive email".
>Never mind that we were white-listing these senders as we were made
>aware of them.
>
>So, this brings me to my set-up inquiry.  We do receive lots of
>delivery attempts to non-existent addresses in our domain and the
>greytrapping feature of spamd was especially handy for blocking sites
>attempting to deliver to these non-existent addresses.  I would like to
>be able to take advantage of this feature of spamd, along with the
>"blacklist" features, while not delaying email to non spamtrapped
>addresses.
>
>From my understanding of the interaction between spamd and pf, this
>either isn't possible or is non-trivial.  However, I figured I would
>see if anyone has done a similar set-up or knows of a way to implement
>this.  Thanks.
>
>[demime 1.01d removed an attachment of type application/pgp-signature which 
>had a name of signature.asc]
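
The log-watching approach described in the reply above, sketched as an added example; it is not the Perl scripts the reply mentions and is not part of the original thread. It assumes spamd greylisting log entries of the form `(GREY) <ip>: <sender> -> <recipient>`; the sample log lines, the address list and the function names are constructed for illustration.

```python
import ipaddress
import re

# Assumed spamd greylisting entry: "(GREY) <ip>: <sender> -> <recipient>"
GREY_RE = re.compile(r"\(GREY\) (\S+): <([^>]*)> -> <([^>]*)>")

# Constructed sample data (documentation address ranges and domains).
VALID_RCPTS = {"sales@example.org", "support@example.org"}
SAMPLE_LOG = """\
Apr 15 10:01:02 fw spamd[4242]: (GREY) 192.0.2.10: <alice@client.example> -> <sales@example.org>
Apr 15 10:01:09 fw spamd[4242]: (GREY) 198.51.100.7: <x@spam.example> -> <nobody@example.org>
Apr 15 10:02:30 fw spamd[4242]: (GREY) 192.0.2.10: <alice@client.example> -> <support@example.org>
Apr 15 10:03:00 fw spamd[4242]: (GREY) 198.51.100.7: <y@spam.example> -> <sales@example.org>
Apr 15 10:04:11 fw spamd[4242]: (GREY) 203.0.113.5: <> -> <Sales@Example.org>
Apr 15 10:05:00 fw spamd[4242]: 203.0.113.9: connected (3/2)
"""


def hosts_to_whitelist(log_text, valid_rcpts):
    """Return hosts that mailed only valid recipients, in first-seen order."""
    valid = {r.lower() for r in valid_rcpts}  # assumption: case-insensitive match
    good, bad = [], set()
    for line in log_text.splitlines():
        m = GREY_RE.search(line)
        if not m:
            continue  # connection notices and other non-GREY lines
        host, _sender, rcpt = m.groups()
        try:
            ip = str(ipaddress.ip_address(host))
        except ValueError:
            continue  # never pass unparsed log text on to a command
        if rcpt.lower() in valid:
            if ip not in good:
                good.append(ip)
        else:
            bad.add(ip)  # one hit on a non-existent address disqualifies the host
    return [ip for ip in good if ip not in bad]


def spamdb_commands(ips):
    """Build argv lists for `spamdb -a <ip>`; the caller decides whether to run them."""
    return [["spamdb", "-a", ip] for ip in ips]


if __name__ == "__main__":
    for argv in spamdb_commands(hosts_to_whitelist(SAMPLE_LOG, VALID_RCPTS)):
        print(" ".join(argv))
```

A host that touches any non-existent address in the batch is left greylisted even if it also wrote to a valid one, which keeps the early white listing from undercutting greytrapping.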
