ross549 Posted April 20, 2014 Share Posted April 20, 2014 Has anyone heard of greylisting before? I read about it the first time this morning. Seems like an interesting concept, but would not be difficult for a spam bot to defeat it. Adam Quote Link to comment Share on other sites More sharing options...
crp Posted April 20, 2014 Share Posted April 20, 2014 Has anyone heard of greylisting before? I read about it the first time this morning. Seems like an interesting concept, but would not be difficult for a spam bot to defeat it. Adam I have it setup at work with sendmail. Works quite well and in practice cuts down spam quite a bit. Quote Link to comment Share on other sites More sharing options...
Temmu Posted April 27, 2014 Share Posted April 27, 2014 interesting idea. i suppose they are implying that spammers simply burst a few million emails without concern to whether they are received or not - that's the only way that that would work, it seems. Quote Link to comment Share on other sites More sharing options...
ross549 Posted April 27, 2014 Author Share Posted April 27, 2014 The key flaw I see in the system, however, is that the mail server spits back a specific response. It would be trivial for the spammer to program in a routine, so record that response, wait a designated period of time, and then resend. Adam Quote Link to comment Share on other sites More sharing options...
crp Posted April 28, 2014 Share Posted April 28, 2014 The key flaw I see in the system, however, is that the mail server spits back a specific response. It would be trivial for the spammer to program in a routine, so record that response, wait a designated period of time, and then resend. Adam No.#1 You can change the message #2 As Temmu points out, they are not going to bother. #3 Vast majority of spammers are not using their own email server, so they will not see the message #4 If spammers wanted to do that, they would do it anyway without the greylisting. I've used greylisting at work for over 10 years. Have yet to encounter a spamming operation that picked up that they were getting greylisted and then modified to get around it. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted April 29, 2014 Share Posted April 29, 2014 I say, use all the tools you can without it causing undo strain on the server and this is one that sounds like it will actually cut down on strain on the server. Couldn't hurt right? As long as you are very careful to only add those that are TRULY spammers to the greylisting. Quote Link to comment Share on other sites More sharing options...
ross549 Posted April 29, 2014 Author Share Posted April 29, 2014 The concept of greylisting precludes any action on your part. ALL email, unless whitelisted gets the challenge to respond to. I agree, though. If it works, do it. I just see greylisting as a temporary fix. The spammers would likely be able to find a way around it. Nature finds a way..... Adam Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted April 30, 2014 Share Posted April 30, 2014 Challenge / Response on every new sender? Blech! Quote Link to comment Share on other sites More sharing options...
crp Posted April 30, 2014 Share Posted April 30, 2014 Challenge / Response on every new sender? Blech! No, sender does not need to respond to any message. A legit email server within a legit setup will automatically resend the message. The 'when' (and in a server farm 'which route') are highly variable. Quote Link to comment Share on other sites More sharing options...
crp Posted April 30, 2014 Share Posted April 30, 2014 The concept of greylisting precludes any action on your part. ALL email, unless whitelisted gets the challenge to respond to. I agree, though. If it works, do it. I just see greylisting as a temporary fix. The spammers would likely be able to find a way around it. Nature finds a way..... Adam over 10 years if far from temporary. If you don't want to use it, fine but don't disparage it when you don't understand how the real world of spammers work and how greylisting fits into it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.