2011/6/20 John Levine <johnl@iecc.com>:
Hi. I'm the guy who wrote the CEAS paper on greylisting.
Greylisting is useful, but anyone who thinks it's a substitute for DNSBLs has never run a large mail system.
You're right, greylisting on a large system may not be efficient as it won't block everything and will eat-up quite a lot of system ressources. But it's a good start once basic protocol-checks have already eliminated the 80% amount of bullshit sent from botnets. My point is : combining server-side checks of different nature is often enough to avoid the use of RBLs and still provide a goode quality of service. It probably won't scale to comcast' or AOL' MXs but it's way better than relying on an external authority for your corporate or personnal mailserver. -- Jérôme Nicolle