I haven't tried nolisting but would assume it would have the same issues as greylisting, in that there are some large organisations who run non-compliant mail systems, and mail from them would fail. Last time I looked at the list of organisations I didn't feel that I would be getting mail from them. I now can't find the list... that's the interweb for you...

Here's a list of non-compliant mail servers (from http://projects.puremagic.com/greylisting/)

* Novell Groupwise 6.0 - Confirmation Link
* ISMail 1.7.1 and prior - Non-compliant. Reported as fixed in ISMail 1.7.4 and later.
* InterMail 4.0 - Reported
* Kerio MailServer 5.0.5 - Reported

So the ability to whitelist is important, but you couldn't whitelist with nolisting.

But I despise spam so much, as it eats our mail servers and eats our bandwidth, that I'd be happy to talk with organisations with these mail servers and tell them that they really need to 'get with the program'. But only with our own mail. I'm not so sure about the realities of implementing this across thousands of ISP customers and trying to get them to understand why we're not allowing email from their mum to be delivered.

And a pile of spam now gets delivered to secondary MXs first as these often don't have synchronised user lists and often accept mail without checking much, but are trusted hosts from the primary's point of view.

But it's worth a go. Might get some reprieve for a few months.

Regards,
Gerard

On 15/01/2008 10:43 a.m., Glen Eustace wrote:
Yesterday, I came across the concept of 'nolisting' as a technique for reducing the volume of inbound spam. It wasn't something I had previously come across so have done some reading on the topic. http://nolisting.org as a starting point.
For such a simple technique, I was surprised by its impact.
Simply speaking, the idea is to use a primary MX that doesn't listen on port 25 but simply rejects the connection. Well behaved MTAs will all try the secondary MX(es) and delivery will occur. Many spambots only try the primary so there is an immediate benefit, less inbound to check in other ways and a consequential increase in the available resources on the mail server(s).
I set it up on one domain and behavior seems to be exactly as described. My reading suggests that there is no negative impact on legitimate mail and no noticeable additional latency in delivery as the switch from the primary to secondary on a reject is almost instantaneous.
I was wondering whether anyone else has had any experience with this technique and if so whether the claim that it has no negative impact is true. Also, if people haven't heard of it, it may be something people might want to look at as another weapon in the anti-spam war.
Glen.
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
-- Netspace Services Limited http://www.netspace.net.nz Phone +64 4 917 8098 Mobile +64 21 246 2266 Level One, 220 Thorndon Quay, Thorndon PO Box 12-082, Thorndon, Wellington 6004, New Zealand
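
Added example, not part of either message in the thread: a small audit of the nolisting setup described above, checking that the primary MX refuses port 25, that a fallback MX accepts, and where a sender that walks the MX list in order ends up compared with one that only tries the primary. The host names, the sample MX set and the faked reachability are constructed assumptions so the code runs offline.

```python
import socket

def tcp_accepts(host, port=25, timeout=5.0):
    """True if host accepts a TCP connection on the SMTP port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unresolvable
        return False

def compliant_delivery_host(mx_records, accepts=tcp_accepts):
    """Try MX hosts lowest preference value first, falling through on failure."""
    for _pref, host in sorted(mx_records):
        if accepts(host):
            return host
    return None

def primary_only_delivery_host(mx_records, accepts=tcp_accepts):
    """A sender that tries only the primary MX and never retries elsewhere."""
    _pref, host = min(mx_records)
    return host if accepts(host) else None

def audit_nolisting(mx_records, accepts=tcp_accepts):
    """Report whether the MX set is a working nolisting setup."""
    status = [(pref, host, accepts(host)) for pref, host in sorted(mx_records)]
    primary_closed = not status[0][2]
    fallback_open = any(ok for _, _, ok in status[1:])
    return {
        "status": status,
        "nolisting_active": primary_closed and fallback_open,
        "mail_undeliverable": not any(ok for _, _, ok in status),
    }

# Constructed sample: hypothetical hosts, reachability faked so this runs offline.
SAMPLE_MX = [(20, "mx2.example.org"), (10, "mx1.example.org")]
SAMPLE_OPEN = {"mx2.example.org"}

def sample_accepts(host):
    return host in SAMPLE_OPEN

if __name__ == "__main__":
    print(audit_nolisting(SAMPLE_MX, sample_accepts))
    print("compliant MTA ->", compliant_delivery_host(SAMPLE_MX, sample_accepts))
    print("primary-only  ->", primary_only_delivery_host(SAMPLE_MX, sample_accepts))
```

Leaving out the `accepts` argument makes the functions probe the listed hosts on port 25 for real; `mail_undeliverable` flags the failure case where the fallback MX is down as well.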