[RndTbl] Grey-listing in effect on MUUG server

[Tim Lavoie]

>>>>> "JK" == John Lange <john.lange at open-it.ca> writes:

    JK> Would it not make sense to do it in the other order?
    JK> Greylisting being much less CPU intensive than other spam
    JK> blocking methods.

The DNS check is pretty lightweight, and early in the process. Heavier
checks do run later.


    JK> On a related note, personally I'm strongly opposed to block
    JK> lists since:
    JK> a) they only work after spam has been sent
    JK> b) they catch far to many innocent victims
    JK> c) when other methods are applied properly, blocklists only
    JK> improve results by a very small amount.
    JK> "b" being the main reason I don't like them.

Hm. The Spamhaus lists work after spam has been sent to *somebody*,
not necessarily me, so no problem there. 

Innocent whiners can send an email to let me know if they've been
blocked inadvertently.  :) More seriously, the RBL stuff does have a
way to request getting your address un-blocked, and I think this sort
of thing does nudge the ISPs into being more proactive to limit
out-bound cruft. The sbl-xbl list also turfs a lot of botnet traffic,
without having to scan each message with a local virus checker at my
end. For my limited scope, with a handful of users and domains, it's
not a big deal to eyeball the log once in a while to see if there's
been a false positive. Haven't had one yet, and it's turfed a *lot* of
crap. Still, it might be fun to run on just the greylist for a while
to see how it does.

I do use an account-specific filter (CRM114) too, but it's now had
nothing to catch since last night. While very effective, it's
naturally the most heavy-weight process, as well as the most fuss to
keep the learning process up to date.

  Tim