@stefano we have it fronting our qmail stack, maintaining a passlist generated by smtpctl spf walk, and a trap list of known bad addresses. works great, we can watch the logs on the backend server in real time and not be bothered by spam

@stefano I used to. In general, it is great. But for specific tasks like create a new account and receive an email to activate the account or lost password and receive the link to renew, it can be annoying. Because most such remote servers have retries set to days. Which means you have to wait quite long for the second SMTP connection to happen.
I replaced spamd with IP blacklisting and rspamd. They are more user friendly in my opinion.

@stefano I use it in greylisting mode, works pretty well though spammers are getting better about retrying their delivery attempts lately. I also use it to SPAMTRAP email addresses and works pretty well there as well. Has a bit of a hard time with big senders that don't retry from the same IP addresses, but this can be somewhat mitigated with spf-walk. Still a few false positives that I have to whitelist manually from time to time though.

@stefano
A while back I switched to a "deliver everything and let spamassassin sort it out" policy. No more quarantine, no more false positives, easy to admin. I sort the spam into score 2-5, 5-10, 10+ and feed those back into the filter. Inbox gets bayesian'd as ham.

@stefano

✅ using OpenSMTPD?
❌ using rspamd?
❌ using spamd?
🤷 effective?

I know @pitrh has gotten reasonable results with spamd though:

https://nxdomain.no/~peter/better_off_with_pf.html

@stefano I only use it as a dedicated tarpit for source IPs that I select with fail2ban heuristics from the mail server log. Most spammers seem to detect it quite quickly nowadays and don't spend much time connected to it.

I have no idea how useful it is as a frontline greytrapping tool, I just use greylisting via rspamd.