I've followed the steps outlined here to eliminate spam up to the section on "SPF and greylisting" on the second page:
http://www.freesoftwaremagazine.com/articles/focus_spam_postfix/ The author is really into greylisting: "If you take nothing else from this article, let it be that greylisting is a Good Thing and your customers will love you for using it" but the feedback I got on it from this list was not as positive. Of the stuff I've implemented, these lines seem to have been the most effective: reject_rbl_client relays.ordb.org, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, with the spamhaus.org line doing most of the work according to the logs. Do you think the reject_rbl_client stuff is safer than greylisting? - Grant -- gentoo-user@gentoo.org mailing list
