Milter-greylist

> I have my greylisting set for 10 seconds and autowhitelisting for 30
> days. The spammers who never try - well, they never retry. It doesn't
> matter what the greylisting time is set for. Why needlessly delay the
> MTAs that _are_ going to retry?

I completely forgot to reply to the text I cited ...

There are two merits to greylisting:  the required retry and the delay.
You are correct in that a ten second delay is enough to deter those
servers that never re-send.

However, the secondary benefit of greylisting is lost.  A delay ensures
that other servers without the delay have a chance to report the spam to
various databases:  your local bayes database, spamcop and other relay/URL
DNSRBLs, DCC, etc.  After this delay, spamassassin or whatever other tool
you use is more likely to trap spam.  This mostly works because servers
using greylisting are still a minority.

If the delay is only ten seconds, and the sending mail server re-sends in
thirty seconds, the spam is less of a known quantity and therefore less
likely to get flagged as such.


I suppose I could add another milter between greylisting and spamassassin
that merely delays greylisted mail for an extra 20 minutes, or perhaps
get even more complicated and delay spam scoring 3+ points meeting that
criteria for a second scan 20 minutes later ... hmm ...