Chetan wrote regarding 'Re: [EE] email spamblock router?' on Mon, Jan 16 at 16:32:
> You should enable RBL checks and greylisting on your mail servers. It
> reduces spam a lot.

Greylisting assumes that all remote mail servers use only one IP and
that they all behave according to standards.  Both of those are
not-so-good assumptions, as the remote server may
 - reject the mail given a temporary 4xx error instead of trying again
   later
 - send a confusing message to the original sender, which might cause
   the original sender to resend the message
 - retry through a different network interface / different server,
   which will again be subjected to the greylisting
And it *always* delays mail (unless the server remembers IP and sender
combinations for some period of time, which takes memory and may well
expire before its encountered again - esp. on a busy machine).

Given the increased delay and the likelyhood of rejecting legitimate
email, I generally am not in favor of global greylisting.  I do use
sender address verification on a couple of sites - Yahoo and Hotmail
among others - which is a bit like address greylisting except that it
also verifies the validity of the sender address before accepting mail
from that sender.  But I only do that on domains that are frequently
forged (which includes my own domains) and which I know will work with
the scheme.  AOL, for example, will ban your IP if you do a lot of
address verification against them.  then you have to call, explain
your position, and either turn it off or expect to be banned again
within a few weeks (which is annoying).

Anything that bounces email really needs to be 100% accurate 100% or
the time.  Greylisting isn't, and will only work on the stupidest of
spam programs - which are getting more and more rare.

--Danny
-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist