> On 2010-03-30 01:29, Brent Kennedy wrote:
>> Graylisting does work.

Jonas Eckerman wrote:
> I know it works. That's why I said I like it because it stops spam.
> Been using my own implementation for years.

For what it's worth, I reconfigured my greylisting relay from a blanket delay to delaying only spamcop neighbors, anything that hits a DNSBL, and any Windows *desktop* (using p0f).

The move reduced the fatal delay of 80-90% of my incoming mail down to 64%, which is pretty reasonable given the fact that the inconvenience caused by greylisting has all but vanished: only 3.3% of those delayed Windows desktops make it through, and more than half of them get rejected by SpamAssassin.

(I don't have comparable stats from before the move. Also of note: 90% is a BIG number, so there may be a flaw in my counting, but since this is relative anyway, it doesn't matter.)

My configuration notes were posted to the milter-greylist wiki at http://milter-greylist.wikidot.com/using-p0f and my original post is at http://tech.groups.yahoo.com/group/milter-greylist/message/5496

If I recall correctly, Jonas's implementation also uses p0f and could therefore benefit from my analysis. The gist of it is that matching p0f's results with the (perl-compatible) regular expression /Windows (?:XP|2000(?!SP4)|Vista)/ will safely block only desktops.

(Though half of the Windows systems I see mail from use "Windows 2000 SP4, XP SP1+" and it has to be excluded from the "desktops" list because there are sooo many MS Exchange servers out there still running on win2k. I'd love to see p0f overcome that limitation...)

-Adam
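
The selective policy described in the message above, sketched as an added example (not code from the post, the wiki page, or milter-greylist). The function names and the sample clients are assumptions; the p0f labels other than the one quoted in the post are constructed in p0f's style. The lookahead is written `(?!\s*SP4)` so that it also excludes the label when a space separates `2000` from `SP4`, as in the string quoted in the post.

```python
import re
from collections import Counter

# Desktop pattern from the post, with the lookahead widened to tolerate the
# space in the ambiguous label "Windows 2000 SP4, XP SP1+" (assumption).
DESKTOP_RE = re.compile(r"Windows (?:XP|2000(?!\s*SP4)|Vista)")


def is_windows_desktop(p0f_label):
    """True if the p0f OS guess looks like a Windows desktop."""
    return bool(DESKTOP_RE.search(p0f_label))


def greylist_reason(p0f_label, dnsbl_hit=False, spamcop_neighbor=False):
    """Return why a client is delayed, or None to accept without delay.

    Mirrors the three triggers named in the post: a DNSBL hit, a SpamCop
    neighbor, or a Windows desktop fingerprint. Everything else skips the delay.
    """
    if dnsbl_hit:
        return "dnsbl"
    if spamcop_neighbor:
        return "spamcop-neighbor"
    if is_windows_desktop(p0f_label):
        return "windows-desktop"
    return None


# Constructed sample clients: (ip, p0f label, dnsbl_hit, spamcop_neighbor).
SAMPLES = [
    ("192.0.2.10", "Windows XP SP1+, 2000 SP3", False, False),
    ("192.0.2.11", "Windows 2000 SP4, XP SP1+", False, False),  # may be Exchange
    ("192.0.2.12", "Linux 2.6 (newer, 3)", True, False),
    ("192.0.2.13", "FreeBSD 6.x (1)", False, True),
    ("192.0.2.14", "Windows Vista (beta)", False, False),
    ("192.0.2.15", "Linux 2.6 (newer, 3)", False, False),
]


def summarize(clients):
    """Count how many clients fall under each decision."""
    return Counter(greylist_reason(label, dnsbl, nb) or "accept"
                   for _ip, label, dnsbl, nb in clients)


if __name__ == "__main__":
    for ip, label, dnsbl, nb in SAMPLES:
        print(ip, label, "->", greylist_reason(label, dnsbl, nb) or "accept")
    print(dict(summarize(SAMPLES)))
```
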