James Harper wrote:
James Harper <james.harper@bendigoit.com.au> writes:
Use greylisting. I wrote my own here that has some smarts about trusting domains (eg bigpond) once a certain number of senders have been seen. I used to greylist for an hour but only 15 minutes now, and only for email with a spamassassin score above some threshold. The idea being that by waiting a bit the sender may get blacklisted in that time if I am the recipient of a new spam run.
IIRC we greylist for one second. The fact that they're retrying *at all* shows they're not spammers. We also have to whitelist bigpond :-/
My solution doesn't require whitelisting bigpond because it sees enough 'good' emails that get whitelisted directly because they have enough emails with low spamassassin stores that it sorts itself out within a week or so, probably less. Optus is (was?) the same in that they'd retry from different IP addresses.
Cool; I wasn't entirely sure that's what you were saying. Since it's so, I'd be interested in details/source code.