First Line of Defense Against Spam: Greylisting & Messaging Server
By joesciallo on Jan 08, 2007
What is Greylisting?
Per Wikipedia: Greylisting is a method of defending electronic mail users against email spam. A mail transfer agent which uses greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again to send it later, at which time the destination will accept it. If the mail is from a spammer, it will probably not be retried, and spam sources which re-transmit later are more likely to be listed in DNSBLs (DNS "black lists") and distributed signature systems such as Vipul's Razor.
Greylisting requires little configuration and modest resources. It is designed as a complement to existing defenses against spam, and not as a replacement.
If you're interested in configuring greylisting for Sun Java System Messaging Server, there's a nice solution called Gross, which was written by a current Messaging Server user.
The "magic" of this solution is based on the observation that spammers almost never queue their mail. In general, spammers send their message just once, and, if the attempt does not succeed, the message is not retried. By giving a temporary error on the first spam attempt, you are able to deny most spam immediately.
Note that Gross works well for sites that have "conservative" spam policies. Greylisting can delay legitimate messages as well. Because Gross imposes greylisting only for those hosts found on various dnsbls, the impact for legitimate mail is minimal.