On 6/10/2013 4:46 PM, David F. Skoll wrote: > [Lost track of who wrote this] > >> 66.96.253.241 >> 64.120.241.228 >> 66.197.142.29 >> 66.197.142.23 >> 66.197.207.152 >> 66.197.177.174 >> 64.191.61.25 > > Every single one of those IPs is on our "GreylistStumbler" list, meaning > they've been greylisted, but have not been seen to pass greylisting. > > Implementing greylisting might stop most of the problem messages. > > Regards, > > David. >
(Brian is the one who wrote it :)) That's an interesting observation, David. As someone who recently implemented greylisting, its efficacy in this particular type of situation cannot be overstated. Our spam volume dropped from about 35% to less than 2% overnight, thanks to greylisting at the MTA level. While somewhat of a generic prescription, it's well-prescribed for a reason: sort-out your Bayes situation (will probably require wiping and starting over with a hand-sorted corpus that is *retained*) and implement greylisting (provided you can live with its caveats). The DNSBLs can be used to supplement the above. Good luck, Brian! --Ben
