Milter-greylist

Dan Mahoney, System Admin a \ufffdcrit :
> 
>> 3. http://www.dnswl.org/
> 
> I've got my own issues with them, and we wouldn't be serving the same 
> purpose.  My whitelist would be PURELY a dynamic list of "people not to 
> greylist", not "people to give additional kudos in SpamAssassin, etc." 
> DNSWL has added a bunch of mail relays (like LiveJournal) which relay mail 
> for a given forwarder account but there's no logic in my spam filters to 
> know to look "past" the livejournal servers for the actual spam source. 
> (Short of adding livejournal's current MX ip to trusted_networks).  I 
> digress.
> 

DNSWL aims to inventory all "known legitimate email servers", that are 
servers which are powered by real MTAs (not spambots).

Greylisting sole goal is to block fake MTAs (spambot-like), which are 
usually illegitimate and do little retries, if any.

Is is pointless to greylist DNSWL-listed servers, because if properly 
configured they WILL retry. If some of them are relaying SPAM, it will 
pass through greylisting; delaying is not blocking.

So it makes sense to use DNSWL as a whitelist to bypass greylisting. 
Primary benefit is to avoid greylisting delay on legitimate email, and 
secondary is to let through legitimate MTAs which aren't 
greylisting-aware by design, such as mail farms.

Remaining SPAM should be treated by other means, such as content 
analysis, embedded URL RBL-check, and DNSWL "Trustworthiness" score.


-- 
Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.