Wed Jul 18 16:52:46 UTC 2007
On Wed, 18 Jul 2007, Vernon Schryver wrote: > The current -G option must be "whatever", such as -Gweak-ip. If you > want to increase the embargo to 1 hour and accept all mail from an > SMTP client after any message has passed greylisting, try the man page > suggestion of GREY_DCCD_ARGS="-Gweak-IP,1hour" Okay thanks. >> The reason is in about the last month or so, I've seen a huge uptick in >> the amount of greylisting-resistant spamming, usually it's a picture of a >> chick measuring some guy's dong with a tape measure, pushing pills or >> whatever. > > The only increase I've noticed in greylist-resistant spam that I've > noticed is in backscatter. I wonder if you are using `dccd > -Gweak-body` or `dccm -GIPmask/xx` with too broad a netmask. Well, I'm using IPmask/16. Are you saying I'm (potentially) getting the same exact spam from two different zombies in the same /16, separated by some amount of time, and so it counts as passing the embargo? I'm not using -Gweak-body, and based on the randomizations present in the email, I would think that's not it, but.. > Unless you are using a DNS blacklist that is purely automatic, an > embargo less than several hours or a day sounds optimistic. I thought most DNS blocklists were automatic? At least the ones that are powered by spamtraps?
More information about the DCC