Conclusions from our spamd experience

Summing up, selectively used, blacklists combined with spamd are powerful, precise and efficient spam fighting tools. The load on the spamd machine is minimal. On the other hand, spamd will never perform better than its weakest data source, which means you will need to monitor your logs and use whitelisting when necessary.

It is also perfectly feasible to run spamd in a pure greylisting mode, with no blacklists. In fact some users report that a purely greylisting spamd configuration is not significantly less effective than blacklising configurations as spam fighting tools[1].

For our main blacklist, we ended up using Bob Beck's traplist until it was retired from use in May 2016.

You can find my field notes from a recent greytrapping experiment in my blog at bsdly.blogspot.com, starting with the entry dated July 9, 2007. The articles In The Name Of Sane Email: Setting Up OpenBSD's spamd(8) With Secondary MXes In Play - A Full Recipe and Maintaining A Publicly Available Blacklist - Mechanisms And Principles describe a more stable state of the system. And of course the main recommendation here is to read The Book of PF, which contains a somewhat more thorough treatment of spamd and related techniques.

Notes

[1]

One such report is Steve Williams' October 20th, 2006 message to the OpenBSD-misc mailing list, where he reports that a pure greylisting configuration immediately rid the company he worked for of approximately 95% of their spam load.