combining greylisting with spam scores - working exim example

…personal experience with greylisting, some inspiration (some i can’t remember anymore…), and some thoughts led to the following (implemented) idea:

let’s suppose you trust the system’s spam score to the extent that
- a low enough spam score is fairly-certainly correct

why not use a low enough threshold to have first-time senders pass by?

[/etc/exim4/conf.d/acl/40_exim4-config_check_data.rul]

>defer
>  …
>  log_message = message deferred: probable spam and greylistd 
>  message     = Message temporarily deferred
>  condition   = ${if and \
>                  {\
>                    { >{$spam_score_int}{75}}\
>                    {eq{grey}\
>                      {${readsocket{/var/run/greylistd/socket}\
>                                      {${mask:$sender_host_address/24} \
>                                         $sender_address \
>                                         $local_part@$domain}\
>                                        {5s}{}{}}\
>                      }\
>                    }\
>                  }\
>                }
>  delay       = 4m

Next
Previous

Related