Stan Hoeppner wrote: > Mikael Bak put forth on 9/27/2010 6:18 AM: >> Stan Hoeppner wrote: >>> Michal Bruncko put forth on 9/26/2010 4:24 AM: >>> >>>> It is possible in some way to configure postfix, that SPF Passed mails >>>> will be automatically accepted with postfix without greylisting? >>> If I may be blunt: this is a really dumb idea. Many, maybe all, >>> snowshoe spammers have valid SPF records. Thus, accepting mail simply >>> because the connecting IP passes SPF muster isn't a bright idea. >>> >> Snowshoe spam will most probably pass greylisting too. Better not >> clutter greylisting database with useless things. Have the blacklists >> block'em instead. > > I don't follow your logic here. Yes, most snowshoe is sent from real > MTAs, not bots, so greylisting won't stop it. However, dnsbls and local > block lists aren't very effective against snowshoe either, although > Spamhaus DBL is getting much better WRT snowshoe. I have a local > snowshoe cidr table I've been building for 2 years and it works rather > well as I see maybe 1 snowshoe in the inbox every two weeks or so. > However, most people probably don't have such a local snowshoe blocking > list. >
My logic is crystal clear. Your post is full of contradictions. Your snowshoe cidr is a blacklist, isn't it? I did not specify what blacklist to use. I did just say that graylisting is an expensive task to do if you know that it's almost worthless for those emails. But I guess for your one-person mail server at home, that does not count. >> So OP's request is valid IMO. > > Shooting mail straight into the inbox based on an SPF pass is not a > valid strategy, but a recipe for more spam in the inbox. SPF is > properly used in a scoring system within a policy daemon or external > content filter such as SA, same as DKIM etc are. > I did not say that! I said OP's request to bypass greylisting for SPF Passed email is valid. I did not say it should bypass anything else! You had a problem reading my not-so-native English? And please, Stan. Please understand that some of us here have large email infrastructure to administer. It's completely different from a hobby mail server at home. Kind regards, Mikael
