On 8/15/07, Wil Hatfield - HyperConX <[EMAIL PROTECTED]> wrote:
> >
> > This is the biggest problem with "fake" MX records for me.  If your
> > primary MX is not available, you will simply lose mail from some
> > senders.  It's entirely their "fault" for violating the RFCs but the
> > mail is still lost, and it isn't easy to explain whats going on to
> > your users/customers.  Greylisting gives me about the same effect but
> > it works with a bigger percentage of borken servers and I can easily
> > exclude broken mailservers if needed.
> >
>
> Aaron, so what greylisting techniques are working best for you?
>
> Wil Hatfield
>
>

I use SQLgrey  (http://sqlgrey.sourceforge.net/) with a backend mysql
server shared between all MX nodes.  SQLgrey works very well and has
many smart features beyond basic greylisting that help reduce
problems.  By sharing the database, you gain some coherence which
SQLgrey takes advantage of well.  I had tried some other greylisting
daemons in the past and couldn't deal with the support load they
created, but I've been very pleased with this setup for some months
now.

With a couple RBLs, greylisting, and the UCE checks built in to
Postfix, I can drop about 80% of mail on a good day with very few
complaints.  For some domains it's much higher, I have a couple that I
reject over 99% of their mail and they love it :) When I try to get
more aggressive it generally increases support calls, so I let SA take
care of the rest.

-Aaron



>
>

Reply via email to