On 10/02/2011 3:04 PM, Christian Roessner wrote:
Hi,
I am trying out the postscreen server - and am very impressed so far. My
original interest was in greylisting - so I have the deep protocol tests turned
on so that the temporary failure code 45x is returned for non-whitelisted
clients.
During my testing - I noticed that the small trickle of spam that still makes
it past postscreen reattempts immediately after a 45x with no delay, whereas
genuine mail will wait at least a few minutes before reattempting after a 45x.
I hope, I may ask, but if a client is able to queue mail after a 45x, wouldn't
this same client come back after 300 seconds, too? And so skipping the
greylisting barrier? Or are there some bots outside that can do that? But even
then, they might be lucky at a later time, when the host, where they live on,
returns (even with dynamic IP; just a question of patients).
Christian
Yes - I am assuming that most bots wouldn't queue, although I have no
evidence for this. I think you are right that there may be cases where
bots will still get through if they send different spam at a later time.
__________ Information from ESET Smart Security, version of virus signature
database 5892 (20110221) __________
The message was checked by ESET Smart Security.
http://www.eset.com
