Greylisting

Hi,

Just begun playing around with GreyListing. It is another anti-spam technique. Simply said, what it does is:
  • It is based on tuplets (sender, recipient, originating IP). The first time a server receives a message of one specific tuplet, it says to the originating server : I don't accept your message now, please come back a bit later.
  • Real e-mail servers usually respect this and retry a few (typically 15) minutes later. When the server retries, the delays don't apply and the message is accepted. Then, the tuplet is added to a database (held in memory, dumped once in a while on disk), so that this tuplet is not subject to greylisting (delays) for a given period
  • Spambots, zombie infected computers don't retry, so a lot of spam is denied just there, no more processing is needed.
The benefits are two-fold
  • There is less spam in the users' mailboxes
  • There is less load on mail servers. Effectively, most servers use anti-spam software that uses a lot of resources (network/disk I/O, CPU, memory). When Greylisting is used, the message is stopped at the SMTP (e-mail language) transaction. Therefore, the message don't even reache the resource-expensive anti-spam software.
I'd like to give you more complete stats, but for the tests I've done, I've reduced the quantity of spam received from ~50/day to zero.

I'm implementing this technique for a spam-filtering services business, but we're doing it smoothly and selectively. I'll keep you informed.

If you want more informations, please see:

http://www.greylisting.org/
http://projects.puremagic.com/greylisting/
http://en.wikipedia.org/wiki/Greylisting

Comments

Popular posts from this blog

Outlook 2007 Add-in with OTRS

Asterisk works under OpenVZ (no zaptel)

KeePass enforced configuration