Greylisting

Spoke to a customer called Rapier, they use Mimecast for their emails and it is quite a new company. Their way of handling spam, as well as the usual key words and email content and html checking it checks the speed of the servers' send.
It doesn't accept new email addresses first time. What it will do is reject the first email and ask the sending server to send it again. It expects the sending server to re-send it in 15 seconds and then 15 minutes but ours waits 4 seconds and then 24 hours.
So anyone using this system will get delayed receipts for the first send.
So if you are testing campaigns a lot in a day emails keep getting delayed.

Our customer's head tekki said to me: " Just going back to your server timings, I understand that your servers will respond very quickly on the second attempt but why do they wait so long before a third attempt? Most servers try every 15mins?"


This is the link to mimecast's official pdf

---

This is Spam Assasin's pov:
-

Greylisting

Instead of a 2nd fake MX you can use greylisting, which returns a temporary "Come Back Later" error for users currently not known. It has the advantage of helping you on the primary MX directly, and rejects about 60% of the connections here. This is because spammers only try to send once, and if there is an error, they drop it. Real mail servers retry later.

A disadvantage could be that e-mail is delayed a bit, as some users seem to demand that e-mail arrives immediately, and cannot wait some minutes. Either you can tell your users to wait, and save lots of SPAM, or don't use greylisting *g*.

Very good greylist server for postfix are: postgrey: [WWW] http://isg.ee.ethz.ch/tools/postgrey/ (uses DB style files, easy to configure, good support) sqlgrey: [WWW] http://sqlgrey.sourceforge.net/ (uses SQL databases)

exim: Marc Merlin wrote exim-sa, running SA during smtp time. With adaptive greylisting:

  • mails with a low spam score are accepted without delay

  • mails with an average spam score are greylisted, and only those are delayed

  • mails with high spam scores are rejected regardless (no greylisting)

[WWW] http://marc.merlins.org/linux/exim/sa.html

milter-greylist ([WWW] http://hcpnet.free.fr/milter-greylist/) is an excellent greylisting solution for Sendmail. I've been using it for almost two years now, and the difference in the amount of mail SpamAssassin has to worry about is amazing.



from at
Tags: , , ,