Mikael Bak put forth on 9/28/2010 4:25 AM: > Stan Hoeppner wrote: >> Mikael Bak put forth on 9/27/2010 6:18 AM: >>> Stan Hoeppner wrote: >>>> Michal Bruncko put forth on 9/26/2010 4:24 AM: >>>> >>>>> It is possible in some way to configure postfix, that SPF Passed mails >>>>> will be automatically accepted with postfix without greylisting? >>>> If I may be blunt: this is a really dumb idea. Many, maybe all, >>>> snowshoe spammers have valid SPF records. Thus, accepting mail simply >>>> because the connecting IP passes SPF muster isn't a bright idea. >>>> >>> Snowshoe spam will most probably pass greylisting too. Better not >>> clutter greylisting database with useless things. Have the blacklists >>> block'em instead. >> >> I don't follow your logic here. Yes, most snowshoe is sent from real >> MTAs, not bots, so greylisting won't stop it. However, dnsbls and local >> block lists aren't very effective against snowshoe either, although >> Spamhaus DBL is getting much better WRT snowshoe. I have a local >> snowshoe cidr table I've been building for 2 years and it works rather >> well as I see maybe 1 snowshoe in the inbox every two weeks or so. >> However, most people probably don't have such a local snowshoe blocking >> list. >> > > My logic is crystal clear. Your post is full of contradictions.
I see not contradictions in my post. > Your snowshoe cidr is a blacklist, isn't it? > I did not specify what blacklist to use. > I did just say that graylisting is an expensive task to do if you know > that it's almost worthless for those emails. Of course greylisting is expensive. Where did I state otherwise? But using an SPF pass to bypass greylisting isn't going to be all that useful unless you have other checks further downstream to kill snowshoe. For most, this will be a content filter such as SA. In my experience, such content filters are more expensive WRT resources than straight greylisting. Thus, what you should probably do is run a content filter in front of greylisting. > But I guess for your one-person mail server at home, that does not count. What is the reason for this statement? >> Shooting mail straight into the inbox based on an SPF pass is not a >> valid strategy, but a recipe for more spam in the inbox. SPF is >> properly used in a scoring system within a policy daemon or external >> content filter such as SA, same as DKIM etc are. > I did not say that! > I said OP's request to bypass greylisting for SPF Passed email is valid. > I did not say it should bypass anything else! Ok, not that this is "crystal" clear, you could probably write your own policy daemon to do this, if ones doesn't already exist. > You had a problem reading my not-so-native English? None at all, merely your use of "automatically accept". > And please, Stan. Please understand that some of us here have large > email infrastructure to administer. It's completely different from a > hobby mail server at home. What is your point of this statement, other than showing your lack of knowledge of me, and the systems I manage? -- Stan
