> With large service providers (GMail, Yahoo!), the retries come from
> different IP addresses, and so are treated as a new attempt by the
> greylister.
Oh, I see. I thought we were talking about clamd causing greylisting code
to go into huge retry loops.
AISI, this is an innate problem with greylisting (and one of the reasons I
didn't bother getting round to it). It's nothing to do with clamd per se;
and similarly-configured greylist tool will cause the same effect.
> The best solution to that that I've seen so far is to
> greylist on the basis of a /24 source, instead of a single IP (/32)
> source, so a retry from anything that matches the first 3 octets of
> the original source IP is accepted.
That's quite neat, but will afford slightly less protection against botnet
spamming, of course.
Vic.
