Milter-greylist

Benoit Panizzon wrote:
> Hi Manu
> 
> 
>>>I see more and more spamtools that are greylist aware.  They retry
>>>sending that email after a few minutes. So greylisting does not avoid
>>>them.
>>
>>For how long do you greylist? A long enough delay should do the trick...
> 
> 
> (10minutes)
> 
> Not realy. As example, our favourite swiss spamer is ordering a new bullet 
> proof server in china for allmost every spamrun. He does not just run a 
> 'spambot' on them, but a real mailserver. So just greylisting has become 
> useless.
> Better would be what I suggested: blacklist tuples (or their IP) which had a 
> positive hit in spamassassin. But I understand this is not trivial :-)
> 
> Btw, I have whitelisted all known Mailservers from the list in:
> 
> http://antispam.imp.ch/swinog-dnsrbl-whitelist
> 
> others might find this list usefull too as it eliminates delays from servers 
> which would resend that email anyway.
> 
> -Benoit-


You could always write up a little script that pulls results from your 
spam marked emails, and uses the relay address from that to add to the 
blacklist.