Milter-greylist

Eduardo Casarero 
Informatica Avanzada SRL 
e-mail. eduardo.casarero@informaticaavanzada.com.ar 
tel. +54-11-5235-3939 ext. 666 
movil. +54-011-49372448 


----- "Vincent Rivellino" <vince@...> wrote: 
> 
> 
> 
> 

On Wed, October 7, 2009 09:46, philippeake wrote: 
> > Very few spammers still used dedicated systems to send out their wares, 
> > most now use bot farms. 
> > 
> > This means that they will be sending via real MTAs, which will retry. 
> > 
> > Looking at my logs over the last two days I see this: 
> > 
> > # grep "Greylisting in action" mail | wc -l 
> > 1234 
> > # grep "delayed for" mail | wc -l 
> > 1234 
> > 
> > So every email delayed by greylisting was eventually re-sent and accepted. 
> > 
> > Most SPAM was blocked by RBLs, that which passed (the 1234 above) then 
> > went on to SpamAssassin, which trashed around 1,210 of them as SPAM. 
> > 
> > Greylisting contributed ... zero. 
> 
> Working good for me ... 
> 
> [var@cp1 tmp]$ zcat mx1-maillog.1.gz mx2-maillog.1.gz | sed -n 
> 's/^.*milter-greylist: .* from <\([^>]\+\)> to <\([^>]\+\)> delayed 
> for.*$/\1:\2/p' | sort -u | wc -l 
> 741 
> [var@cp1 tmp]$ zcat mx2-maillog.1.gz mx2-maillog.1.gz | sed -n 
> 's/^.*milter-greylist: .* from <\([^>]\+\)> rcpt <\([^>]\+\)>: 
> autowhitelisted for.*$/\1:\2/p' | sort -u | wc -l 
> 65 
> 
> Last week I had 741 unique from-addr/to-addr combinations that were 
> greylisted, but only 65 unique from-addr/to-addr combinations that were 
> autowhitelisted after the greylisting. 
> 
> FWIW - I only use one RBL (HostKarma's BL) to actually blacklist. I used 
> other RBL's for varying lengths of greylisting. 
> 
> 


I my stats doesnt separate greylisting rejects from unkwnown user but here they are: 

Since 2009-09-01 up to now: 

Rejections: 109.206.474 

SPAM : 13.331.196 

HAM: 7.289.974 

I dont reject with rbl at MTA level, and greylisting takes more than 60% of rejections. 

So, yes, greylisting still do the job (at least in latin america). 




>