Greylisting

Hi,

Just begun playing around with GreyListing. It is another anti-spam technique. Simply said, what it does is:
  • It is based on tuplets (sender, recipient, originating IP). The first time a server receives a message of one specific tuplet, it says to the originating server : I don't accept your message now, please come back a bit later.
  • Real e-mail servers usually respect this and retry a few (typically 15) minutes later. When the server retries, the delays don't apply and the message is accepted. Then, the tuplet is added to a database (held in memory, dumped once in a while on disk), so that this tuplet is not subject to greylisting (delays) for a given period
  • Spambots, zombie infected computers don't retry, so a lot of spam is denied just there, no more processing is needed.
The benefits are two-fold
  • There is less spam in the users' mailboxes
  • There is less load on mail servers. Effectively, most servers use anti-spam software that uses a lot of resources (network/disk I/O, CPU, memory). When Greylisting is used, the message is stopped at the SMTP (e-mail language) transaction. Therefore, the message don't even reache the resource-expensive anti-spam software.
I'd like to give you more complete stats, but for the tests I've done, I've reduced the quantity of spam received from ~50/day to zero.

I'm implementing this technique for a spam-filtering services business, but we're doing it smoothly and selectively. I'll keep you informed.

If you want more informations, please see:

http://www.greylisting.org/
http://projects.puremagic.com/greylisting/
http://en.wikipedia.org/wiki/Greylisting

Comments

Post a Comment

Popular posts from this blog

General linux performance troubleshooting

Here's a list of commands that you should execute and then share the output to someone who can help you figure out what resource is the bottleneck in your system. Note, it requires the  sysstat  and  procps  packages (ubuntu and RHEL and its derivatives): uptime vmstat 1 10 iostat -xN 2 10 mpstat -P ALL 3 10 pidstat 1 10 free -mw (or free -m, if your OS doesn't support -w)  uptime is to see the load averages on the system. vmstat is mostly used to tell if the system is swapping or not. If you see significant numbers in the 'si' and 'so' columns, your system is most likely swapping (using the hard drive as RAM), which usually slows performance a lot. iostat is mostly used to determine if your disk subsystem is not able to cope with the load. If you see one or more lines that shows 100 or close almost constantly, it is probably the case.  If it is your swap volume, you probably saw numbers in the 'si' and 'so' columns in the  vmsta
Read more

Asterisk works under OpenVZ (no zaptel)

Hi, Just to let you know that I did a basic test with asterisk on an OpenVZ VE and it works. We only tested SIP connectivity (it would probably be complex to have Zaptel support and I don't really need it). We were able to connect to a VoIP provider using SIP ( unlimitel ) and music on hold works. The only thing I had to change to make it work is to comment out this line in /usr/sbin/safe_asterisk: #TTY=9 # TTY (if you want one) for Asterisk to run on (I guess there is no TTY9 (console # 9) on openVZ since it is a virtual machine and TTY9 is usually a physical console (monitor)). I'll soon put my asterisk server in a VE, I'll let you know how it goes. I also use Unlimitel and ATAs to link my PSTN line and cordless phones.
Read more