Den 21.05.2020 20:49, skrev Charles Sprickman:
Hi all,
I have a site with a very old domain that’s at the front of the alphabet. For
some reason (age, alphabetical order, ???) that domain gets bombarded with spam
before the senders make it onto any of the blacklists I use (even trialed a few
for-profit blacklists). Literally some of these miss getting caught by 2-3
minutes. Aside from the general jaw-on-floor reaction I have to just how so
many new “clean” IPs are enlisted in these spamming efforts on a daily basis, I
was wondering if greylisting might be a good option here. One of the folks that
runs the Abusix service suggested this since he pointed out that I’m really
missing these spammers by minutes…
What is your “go to” greylisting solution these days? My main concerns are that
it’s something that’s well-maintained, does not need babysitting, and is here
for the long haul.
Postscreen http://www.postfix.org/POSTSCREEN_README.html#victory with
some "deep protocol test" will give a slight greylist-like delay. Since
you already have it, that would be the go-to. Further than that, I don't
know what is best practice atm, but personally I use rspamd which has a
greylisting feature.
I’ve been sort of opposed to greylisting in the past due to a userbase that’s
sensitive to delays, but… the spam is worse.
Having the first connect get a 4xx will actually get a lot of spammers
to just move on and not come back until the next time rent is due.
Must-have I'd say.
