First Line of Defense Against Spam: Greylisting & Messaging Server

What is Greylisting?

Per Wikipedia: Greylisting is a method of defending electronic mail users against email spam. A mail transfer agent which uses greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again to send it later, at which time the destination will accept it. If the mail is from a spammer, it will probably not be retried, and spam sources which re-transmit later are more likely to be listed in DNSBLs (DNS "black lists") and distributed signature systems such as Vipul's Razor.

Greylisting requires little configuration and modest resources. It is designed as a complement to existing defenses against spam, and not as a replacement.

If you're interested in configuring greylisting for Sun Java System Messaging Server, there's a nice solution called Gross, which was written by a current Messaging Server user.

The "magic" of this solution is based on the observation that spammers almost never queue their mail. In general, spammers send their message just once, and, if the attempt does not succeed, the message is not retried. By giving a temporary error on the first spam attempt, you are able to deny most spam immediately.

Note that Gross works well for sites that have "conservative" spam policies. Greylisting can delay legitimate messages as well. Because Gross imposes greylisting only for those hosts found on various dnsbls, the impact for legitimate mail is minimal.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Reporting about Unified Communications Suite Documentation, including news, Comms 101, documentation updates, and tips and tricks.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today