Milter-greylist

>
>But there is a problem: spammers will probably use ISP regular SMTP
>servers as relays so that they get blacklisted by the distributed
>honeypot network, thus making the counter measure useless. So we have
to
>invent a way of finding that a host is a regular SMTP server that
should
>not be blacklisted.
>
>I thought about using some scoring scheme. Each time you accept a mail
>from an IP, raise the karma of the IP. If the IP is caught by a
>honeypot, lower its karma. But the idea is not fully mature. 
>

Spamcop, (a DNSBL) uses the same idea with honeypots (at least, they did
use em...). They added IPs of MTAs to there blacklist (bl.spamcop.net)
for 24 hours if a honeypot caught the MTA sending spam. I don't know
exactly how Spamcop classed the MTAs that was caught by one or more
honeypots, since that was a "trade secret" of Spamcop design as I
remember it (I could be wrong, though).

We tried there services about a year ago, and on some occasion one of
the ISPs in Sweden got some of there MTAs blacklisted for this reason
:-)

/P