In <017701c5b958$2991f8a0$fafe6881(_at_)tbp> "Bogdan Tomchuk"
<tbp(_at_)poly(_dot_)polytechnique(_dot_)fr> writes:
Life is not so easy for spammers that they can just send all their
email twice. Graylisting, and the like, require you to send the email
from basically the same IP address/block and use a consistent domain
name and such. After a few hours, other anti-spam tools such as
DNSBLs, RHSBLs, DCC/Pyzor/Razor, etc. have had a chance to react.
Do you imagine what is typical spam-bot? It is simple automate.
Yes, I understand that quite well.
If you looking to make better condition for your "DNSBLs, RHSBLs,
DCC/Pyzor/Razor", you have just to put every mail coming to your
domain in some kind quarantine system for the same 2 hours and check
this cage regulary.
What "same 2 hours" are you talking about? With graylisting, most
legitimate email goes through immediately because it is from a known
source. Most email coming from new sources is spam.
There may, indeed, be a benefit of rechecking the DNSBLs, DCC,
etc. right before the email is read, but I don't know many people who
do that. I'm guessing that the benefit is fairly small.
-wayne