Jump to content

Greylisting


ross549

Recommended Posts

Has anyone heard of greylisting before? I read about it the first time this morning.

 

Seems like an interesting concept, but would not be difficult for a spam bot to defeat it.

 

Adam

Link to comment
Share on other sites

Has anyone heard of greylisting before? I read about it the first time this morning.

 

Seems like an interesting concept, but would not be difficult for a spam bot to defeat it.

 

Adam

I have it setup at work with sendmail. Works quite well and in practice cuts down spam quite a bit.
Link to comment
Share on other sites

The key flaw I see in the system, however, is that the mail server spits back a specific response. It would be trivial for the spammer to program in a routine, so record that response, wait a designated period of time, and then resend.

 

Adam

Link to comment
Share on other sites

The key flaw I see in the system, however, is that the mail server spits back a specific response. It would be trivial for the spammer to program in a routine, so record that response, wait a designated period of time, and then resend.

 

Adam

No.

#1 You can change the message

#2 As Temmu points out, they are not going to bother.

#3 Vast majority of spammers are not using their own email server, so they will not see the message

#4 If spammers wanted to do that, they would do it anyway without the greylisting.

 

I've used greylisting at work for over 10 years. Have yet to encounter a spamming operation that picked up that they were getting greylisted and then modified to get around it.

Link to comment
Share on other sites

Guest LilBambi

I say, use all the tools you can without it causing undo strain on the server and this is one that sounds like it will actually cut down on strain on the server.

 

Couldn't hurt right? As long as you are very careful to only add those that are TRULY spammers to the greylisting.

Link to comment
Share on other sites

The concept of greylisting precludes any action on your part. ALL email, unless whitelisted gets the challenge to respond to.

 

I agree, though. If it works, do it. I just see greylisting as a temporary fix. The spammers would likely be able to find a way around it. Nature finds a way.....

 

Adam

Link to comment
Share on other sites

Challenge / Response on every new sender?

 

Blech!

No, sender does not need to respond to any message. A legit email server within a legit setup will automatically resend the message. The 'when' (and in a server farm 'which route') are highly variable.
Link to comment
Share on other sites

The concept of greylisting precludes any action on your part. ALL email, unless whitelisted gets the challenge to respond to.

 

I agree, though. If it works, do it. I just see greylisting as a temporary fix. The spammers would likely be able to find a way around it. Nature finds a way.....

 

Adam

over 10 years if far from temporary. If you don't want to use it, fine but don't disparage it when you don't understand how the real world of spammers work and how greylisting fits into it.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...