[Greylist-users] Which greylist system for fastest & easiest installation?

Bob Beck beck at bofh.cns.ualberta.ca
Thu Apr 21 19:39:57 PDT 2005 

> Because of the way it works you do not have to do any mail
> queueing or forwarding on the OpenBSD machine - it can 
> perform greylisting for your real smtp servers if you want.
> It is completely MTA independant.
> 
> http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&manpath=OpenBSD+3.7

	Just to be completely clear here, what mark is referring
to is that you could install the OpenBSD machine doing greylisting
for you as a firewall in front of or redirecting connections to another
machine running whatever MTA you like, (i.e. an MSexChange box, or 
something else). While you don't have to run the MTA on the OpenBSD
box, you would at a minimium, have it acting as a firewall in front
of your MTA in order for it to do greylisting for you.

	You could of course, also run any regular unix mta on
the OpenBSD box itself, running spamd in front of it, that works
fine too.

	I've run both configurations quite sucessfully, But please bear in
mind, I'm also biased, I wrote most of it. 

> 
> If you do decide to go this route, you might consider buying
> one of the 3.7 CDs that are coming out mid-May.  These will
> have support for greylisting and a few bug fixes, too.
> 
	
	The greytrapping feature is new in the upcoming 3.7 release, meaning
for those of your not familiar with OpenBSD that you either have to 
build from source, or wait for the upcoming CD release in May. other
than that greylisting support is in the current (3.6) release, and
several previous. 

	OpenBSD current has a couple of new features I'm working on, the
first of which is to stutter at 1 char per second for 10 seconds to
all greylisted connections, then talk at full speed. No real MTA
cares about that initial slowdown, and about 1/3 to 2/3's of the 
spammers out there are now detecting tarpits and disconnecting quickly, 
makes 'em easy to chase away. That combined with a good greytrap
list on a big site here has cut my greylist database size from 50,000 
entries (in 4 hours) to about 12-13.

	Cheers,

	-Bob

-- 
Bob Beck                                   Computing and Network Services
beck at bofh.ucs.ualberta.ca                           University of Alberta
True Evil hides its real intentions in its street address.

More information about the Greylist-users mailing list