li...@rhsoft.net wrote: > what i recently implemented was > * give thx MX a second IP > * add it everywehere as backup-mx > * disable postcreen WL on that IP
I am doing the same thing here. It is helpful, but I don't think it solves all problems. The implicit greylisting of the deep protocol tests seems to help a lot. Thanks for sharing your postscreeen dnsbl and spamassassin configurations. My experience is also that the default spamassassin scores don't seem to be properly weighted to stop the spam we are receiving. The deep protocol greylisting, however, is really effective, so the spamassassin configuration becomes much less important. I could be wrong, but if greylisting works reliably, it feels safer to me than adding a ton of blacklists. I'd rather get a legitimate email a bit late than not at all due to a false positive blacklist reject. Thanks, Andy
