[SA-exim] greylisting DNSBL hosts?

Kilian Krause kk at verfaction.de
Fri Oct 8 14:38:19 PDT 2004


Hi,

I just came across a quite interesting idea. 
Greylisting naturally makes only sense if the remote end is no MTA, but
a direct TCP connection. All MTAs will come back and thus greylisting
will only introduce latency which most admins will see as neccessary
tradeoff for reduced spam. 

As sa-exim greylisting will scan a message every time before asking the
sending MX to come back later, this is bound to produce loads of sysload
on the receiving MX, isn't it?
How about moving over to the existing information of DNSBL servers and
perusing their information to at least have an intelligent best guess
who is sending from an IP that may not be an MTA? (obviously presuming
that all non-dialup-hosts could just dump their spam to the local MTA
and thus have it queued for later re-sending)

Has anyone yet produced a config of say exim4 and greylistd using DNSBL
for dialup hosts to trigger greylisting? That way all "regular" MTAs of
providers and such remain whitelisted, and all dialup IPs may come back
if they're a legitimate MTA for some sending user. 

If someone has any idea how to have exim4-daemon-heavy use the DNSBL for
this, i'm all ears. 
Thanks!

-- 
Best regards,
 Kilian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.merlins.org/archives/sa-exim/attachments/20041008/0491a22b/attachment.bin


More information about the SA-Exim mailing list