Milter-greylist

I just added milter-greylist to one of our servers that takes several
thousand hits per day from Spammers. Overnight my personal mailbox which
can generally have 250-300 messages tagged by MailScanner has zero in it!

Great - I love this filter - great job.

My next step is to install it on our main mail gateway servers which live
behind a pair of F5 BigIP's and are totally load balanced. From the
outside they look just like one big server but requests are spread among
the 4 servers on the inside.

Does any one have suggestions as to the best way of implementing this so
that the milter-greylists share info regarding outside server that are
under a delay from another server in the group?

Thanks for you help.


Garry Davies

Garry Davies wrote:
[snip]

> Does any one have suggestions as to the best way of implementing this so
> that the milter-greylists share info regarding outside server that are
> under a delay from another server in the group?

Today's your lucky day:

from the greylist.conf file

# peer entries to enable greylist sync among the MX
#peer 192.0.2.17
#peer 192.0.2.18

put the other machine's ip addresses after the peer keyword and they 
sync greylists.

Graham

> Today's your lucky day:
>
> from the greylist.conf file
>
> # peer entries to enable greylist sync among the MX
> #peer 192.0.2.17
> #peer 192.0.2.18
>
> put the other machine's ip addresses after the peer keyword and they
> sync greylists.
>
> Graham
>

Thanks Graham I actually figured it out and they are all working fine!

BTW what sort of delays are generally in use?

I have been using 5m and most of the SPAM seems to fade away with no real
complaints from the mail clients. Has anyone used less?

Cheers



Garry

On Fri, 2004-10-22 at 14:39, Garry Davies wrote:

> 
> Thanks Graham I actually figured it out and they are all working fine!
> 
> BTW what sort of delays are generally in use?
> 
> I have been using 5m and most of the SPAM seems to fade away with no real
> complaints from the mail clients. Has anyone used less?
> 

I setup a system using 2 minutes and it has worked very well.  From what
I have seen most legit systems retry at least once within 5 minutes. 
Most spam systems don't retry at all.  I saw spam drop from a rate of
3000 to 6000 a day down to 4 to 8 a day that got into sendmail. 
Spamassassin took care of flagging those few.

The problem was approaching the point that the company I set this up for
was seriously considering shutting email down entirely.  

-- 
Scot L. Harris
webid@...

It's a very *__UN*lucky week in which to be took dead.
		-- Churchy La Femme