Eric Shubert wrote: > If this email is not spam, click here to submit the signatures to > FortiGuard - AntiSpam Service. > <http://nospammer.net/SubmitSpam/submitspam.php?id=I3QzAT8uYQIIdE1feU50 > Tw__&sig=e3g0toR48LxoIzFvaiVlc3l4NCx2MTNvG1NQAQ5cDhRUDUdJBEJzBxhCXAgTTgBfFgp > TLHYxMXRoIzBsaiVSGQ0MRBZZHkQDHw1CHAtIAQgSHRpDBFYcGQlKXQELS0odEAtARRhXXFsbU1A > BDlwOFFQNR0kEQjN0aCcxbGolZXF5YDQsdjMzdGMLeYLmmpuhIfUmyL3kY3US3w__> > > > On 10/25/2010 10:50 AM, Adam Bultman wrote: >> Good morning. >> >> I have a fairly simple question about the graylist-exception options for >> spamdyke.conf. I have checked the documentation, and searched the >> mailing lists, but not found my answer. >> >> With other whitelist options with spamdyke, whitelisting the IP/RDNS >> will bypass all filters. >> >> With graylist exceptions, it says that it will bypass the graylisting, >> but it doesn't mention if the other filters are bypassed, or if they are >> enforced. >> >> I have some domains on my spamdyke-enabled servers which go through >> postini, and as a result I had to put the postini servers in the >> graylist-exceptions-rdns file; but while postini doesn't have to be >> graylisted anymore, it doesn't appear to be applying many other filters >> (if any). I do get some DENIED_OTHER, but I don't see any denials for >> missing MX, or unresolvable domains, etc. While it is possible that >> postini is vetting those email addresses, certainly not all, because I >> see some obvious, obvious spam running into the incoming mail queue, >> past spamdyke. >> >> Is it possible that the graylist-exception is also allowing the bypass >> of most of the other filters as well, or am I simply ignorant of what >> precisely the graylist exceptions are doing? Or is it otherwise >> impossible to run some of the other checks against the incoming mail as >> a result of coming through postini? >> >> Any comments would be appreciated. In the meantime, I'll see if I can >> update - I've have spamdyke-4.0 installed on my systems here, so the >> graylist-exception option is available. >> >> Thanks, > > Hey Adam. I don't know for sure about graylist exceptions, but Sam will > tell you for sure about that. > > In the meantime, I can say that most of spamdyke's effectiveness comes > because it is connected to, and can thus evaluate aspects of the sending > server. Since postini is in between the sending server and spamdyke, > many of spamdyke's filters (the rDNS related ones, RBLs, and perhaps > others) become ineffective because spamdyke sees postini as the sending > server instead of the "real" sending server (which delivered to > postini). IOW, spamdyke is most effective only when it's on the > perimeter. When postini is used, spamdyke is no longer on the perimeter, > and is thus significantly less effective. > > On a side note, I'd like to see a comparison of spamdyke to postini > sometime. My hunch is that spamdyke's effectiveness (paired with > spamassassin) rivals that of postini, but that's just a hunch. > Meaningful measurements of one vs the other would be difficult at best. > > HTH. > > -- > -Eric 'shubes' >
I just did some more research on my mail logs, and it appears that the only denial I get with mail through postini is DENIED_OTHER, and that is simply because the user doesn't exist on the domain. Postini in many cases is not configured to reject nonexistent users, so the mail to nonexistent users gets passed through to my mail servers. It does make for a lot of useless SMTP connections - about 1,000 SMTP connections an hour for users who don't exist, with half of those being for a single nonexistent user on a domain! Crazy! Thanks for all your help, Eric. Adam _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
