Adding my 0.2€ to the discussion...
I use qgreylist, which enables us to (if properly configured) block whole /24 networks instead of single hosts. Of course, I'm using qmail, so this is a qmail solution. I've successfully integrated greylisting with A/V scanning and SA processing in the incoming relays where you expect a little delay, and by doing so I've diminished the perception of the "incoming first message wait time". Regards, Ricardo Oliveira http://apache.weblog.com.pt/
