Milter-greylist

Ondrej Valousek wrote:
> I am using the "racl whitelist spf pass" and I have not seen any junk
> mail whitelisted by SPF so far - so I consider this as a safe enough option.
> That's also why I do not agree with the proposed "awbyspf" option.

Milter-greylist's default behavior is to whitelist any server that
passes SPF.  It can be disabled with the "nospf" command.  What does
"racl whitelist spf pass" do that isn't done by default?

As to junk mail that passes SPF, its volume is ever-increasing.  SPF
only protects you against spammers who fraudulently claim to use mail
servers you might recognize.  I receive spam from hotmail servers
daily; all of that passes SPF but is still spam.

Recall that there are two benefits to greylisting:  some spammers
don't re-send, and the delay grants time for the blocklists to receive
reports (so by the time spamassassin processes the mail, it's more
likely to be trapped by URIBL/DNSRBL/DCC and the like).  SPF-passes
are almost guaranteed to also re-send, but the delay is key in
trapping it with blocklists.

"awbyspf" simply clusters mail by a domain's legitimate servers, so as
to circumvent issues like gmail's farm and greylisting the second mail
between two users.

> Big mail farms tend to fight with greylisting, yes, but they also
> usually have SPF defined so the clause above will take a care of them
> without my intervention.

This is the opposite of what has been said so far.  Big mail farms
tend to NOT cater to greylisting.  I believe Yahoo greylists known
spammers, but otherwise I don't know of any big mail providers that
use the technology -- there seem to be more big mail farms that are
incompatible with greylisting than there are that use greylisting.