Why don't ISP's use real-time black lists *retroactively* to eliminate PENDING spam? What I mean is, in the following scenario.... ------------------------------------------ NOON: Spam item Z from spammer X to spammee Y arrives at Y's mail server. X is NOT on blacklist. 1:00 PM: X's address appears on blacklist; Y has not yet read his email (so has not yet retrieved item Z). ------------------------------------------ ... why not delete spam item Z at 1:00 PM? The technique description at http://hcpnet.free.fr/milter-greylist/ assumes that spam from X is only eliminated if it is sent AFTER the appearance of X's address on the blacklist: "If spammers ever try to resend rejected messages, we can assume they will not stay idle between the two sends (if they do, the spam problem would just be solved). Odds are good that the spammer will send a mail to a honey pot address and get blacklisted in several real-time distributed black lists before the second attempt." Uriel http://urielw.com P.S. This is a general spam-battling issue. I realize it doesn't reflect any problem in milter-greylist itself.
Message
Use real-time black lists *retroactively*!
2005-03-11 by Uriel Wittenberg