Greylisting

I’ve implemented greylisting on my mail server, and I have to say that the initial impact is quite dramatic.

Greylisting is a relatively simple mechanism for defeating spam. It works by checking the sending IP, sending e-mail address and recipient e-mail address against a database, and if the combination is not found, it temporarily rejects the message with a 4XX response. Legitimate mail servers will retry (and succeed) in a little while, but spamware will typically give up and move on to the next victim. Even if the spamware does retry, the sending machine – usually a zombie PC – will likely be put on a DNSBL by then and be rejected anyway.
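The decision described above, sketched as an added example (not the configuration or code running on this server). The class name, the three timing constants and the reply text are assumptions chosen for illustration; the page only specifies the triplet lookup and the 4XX response.

```python
import time

MIN_DELAY = 300          # assumed: seconds a new triplet must wait before a retry passes
RETRY_WINDOW = 4 * 3600  # assumed: an unconfirmed triplet is forgotten after this long
PASS_TTL = 36 * 86400    # assumed: a confirmed triplet is trusted this long since last use
TEMPFAIL = "450 4.7.1 Greylisted, try again later"


class Greylist:
    def __init__(self, clock=time.time):
        self.clock = clock  # injectable so the timing logic can be tested
        self.seen = {}      # triplet -> (first_seen, confirmed_at or None)

    @staticmethod
    def triplet(client_ip, mail_from, rcpt_to):
        # The database key: sending IP, sender address, recipient address.
        return (client_ip, mail_from.lower(), rcpt_to.lower())

    def check(self, client_ip, mail_from, rcpt_to):
        """Return the SMTP reply for one RCPT TO command."""
        now = self.clock()
        key = self.triplet(client_ip, mail_from, rcpt_to)
        entry = self.seen.get(key)

        if entry is not None:
            first_seen, confirmed_at = entry
            if confirmed_at is not None:
                if now - confirmed_at <= PASS_TTL:
                    self.seen[key] = (first_seen, now)  # refresh on use
                    return "250 OK"
                entry = None  # trust expired, treat as unknown again
            elif now - first_seen > RETRY_WINDOW:
                entry = None  # retry arrived too late, start over

        if entry is None:
            # Unknown triplet: remember it and ask the sender to retry.
            self.seen[key] = (now, None)
            return TEMPFAIL

        first_seen, _ = entry
        if now - first_seen < MIN_DELAY:
            # Immediate retries (typical of spamware bursts) keep failing.
            return TEMPFAIL
        self.seen[key] = (first_seen, now)  # a patient retry confirms the triplet
        return "250 OK"
```

Keying on the full triplet means the same sender arriving from a different IP is delayed again, which is why large providers that retry from a pool of outbound hosts can take longer to get through.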

[Figure: greylist-results]

As you can see, the volume of mail being accepted and processed has been reduced considerably. This also has the positive side effects of reducing bandwidth consumption and reducing resource overhead by not having to process the messages with SpamAssassin or store them on the disk.

There is a drawback, though. No longer do e-mails from previously unknown senders show up immediately. This isn’t a huge problem, though. I’ll gladly exchange 95% of the spam I receive for having to wait for that confirmation e-mail for a few hours…