I’m not a big fan of using greylisting to cut down on email spam, since it tends to big a big pain in the ass when I run into it running on other email servers. On the other hand the amount of incomming spam has risen to a level where I decided it’s time to really do something about it (not that Spamassassin was doing a bad job, but it shouldn’t have to go through hundreds of mails each day to sort out the 15-20 real mails).
So I did a quick google what packages were recommended for greylisting with exim, and ended up using “greylistd” which came with a nice example config for exim. I went through the config and loosened up the settings a bit. And after letting it run for 2 days, the stats say that a bit over 96% of incoming mail was never retried (e.g. either spam, or a crappy MTA sending me mail).
Next thing I’m having a look at is SPF. I’ve got it up and running, but it only throws warnings to the log right now, doesn’t block anything (same goes for messed up DNS entries of servers sending me mail).
Something positive I noted was that the number of MTA servers supporting TLS connections seems to be rising. Server <-> Server encryption of data is a good thing. Having users view and send mail via secure HTTPS/SSL/TLS cconnections is pretty useless if the mails gets forwarded to the destination in plaintext.