On Wed, Oct 15, 2008 at 9:20 AM, Brian Evans - Postfix List <[EMAIL PROTECTED]> wrote: > Rick Zeman wrote: >> On Tue, Oct 14, 2008 at 11:41 PM, Henrik K <[EMAIL PROTECTED]> wrote: >> >>> On Tue, Oct 14, 2008 at 05:32:56PM -0400, Rick Zeman wrote: >>> >>>> Just discovered that gmail is now retrying greylisted email from not >>>> only multiple servers, but from multiple servers located within >>>> different subnets...which totally breaks breaks tumgreyspf greylisting >>>> implementation. I kind of like it cuz it uses the filesystem to store >>>> its data. However, there's no way to whitelist every one of their >>>> smtp servers. >>>> >>> Of course there is, add client table before policy server: >>> >>> .google.com OK >>> >> >> Hmm, that didn't work for me--still got greylisted.. Relevant section below. >> >> smtpd_recipient_restrictions = >> permit_mynetworks >> reject_unauth_destination >> reject_unverified_recipient >> check_recipient_access hash:/etc/postfix/always_allowed >> > > Did you notice this is a *recipient* access map? I don't think you are > google.com, so it will never match. > > I use dnswl myself. No problems at all with it. > I personally think greylisting wastes a lot of time for little return. > policyd-weight + amavisd-new (with clamav) are much more definitive > answers (kills 98% of spam here).
Evidently I didn't notice. Greylisting isn't a be -all or end-all in itself. It's just one tool in an admin's arsenal, and for me greylisting is a lot "cheaper" (along with certain safe rbls" than) SpamAssassin, which we also use.
