"JK" == John Lange john.lange@open-it.ca writes:
JK> Would it not make sense to do it in the other order? JK> Greylisting being much less CPU intensive than other spam JK> blocking methods.
The DNS check is pretty lightweight, and early in the process. Heavier checks do run later.
JK> On a related note, personally I'm strongly opposed to block JK> lists since: JK> a) they only work after spam has been sent JK> b) they catch far to many innocent victims JK> c) when other methods are applied properly, blocklists only JK> improve results by a very small amount. JK> "b" being the main reason I don't like them.
Hm. The Spamhaus lists work after spam has been sent to *somebody*, not necessarily me, so no problem there.
Innocent whiners can send an email to let me know if they've been blocked inadvertently. :) More seriously, the RBL stuff does have a way to request getting your address un-blocked, and I think this sort of thing does nudge the ISPs into being more proactive to limit out-bound cruft. The sbl-xbl list also turfs a lot of botnet traffic, without having to scan each message with a local virus checker at my end. For my limited scope, with a handful of users and domains, it's not a big deal to eyeball the log once in a while to see if there's been a false positive. Haven't had one yet, and it's turfed a *lot* of crap. Still, it might be fun to run on just the greylist for a while to see how it does.
I do use an account-specific filter (CRM114) too, but it's now had nothing to catch since last night. While very effective, it's naturally the most heavy-weight process, as well as the most fuss to keep the learning process up to date.
Tim