That isn't much... but maybe a lot of those clients have implemented a workaround for that sendmail trick, because it has been around for a while and is part of the default config on some systems. So this particular check might not be effective anymore. However, I did other things in my mailserver: - sending intermediate replies (a minus sign immediately after the 3-digit code) and checking for a few seconds if that makes them send the next command (it shouldn't) - doing the delaying not only on the greeting but also on other commands - perform rigid syntax checking (e.g.: there should NOT be a space after the colon in the "mail from:<address>" and "rcpt to:<address>" commands, according to the RFC, but a popular free smtp client that is often used by spammers puts it there) The outcome of those tests only added to the spamscore so faulty mail clients were not completely blocked. Rob