Fighting spam via greylisting
jhuntwork at linuxfromscratch.org
Sun Apr 8 10:47:18 PDT 2007
Bryan Kadzban wrote:
> Yeah, but how hard would it be to add retrying to a spammer's botnet
> software? I'm going to predict that within the next year, if
> greylisting is implemented widely (and I've been hearing about it a lot,
> but I don't know how many servers actually do it), the spammers will
> just start retrying once if they get a temporary-error response.
They may eventually work out something that gets past the greylisting.
It's entirely conceivable. The big advantage is that greylisting works
in harmony with some of the more traditional spam blocking measures.
Blacklisting services keep the spammers on their toes, so to speak. They
have to keep changing their IP in order to get around the blacklists.
Greylisting takes advantage of that and forces them to stay with one IP
if they want to get through. But, if they do that, they'll get
blacklisted. It's a very complementary setup.
I did not mean to imply that there was really any major cause for worry
with the new setup. It is working very well, and by far, valid MTAs will
retry after a temporary failure.
Even without greylisting and just using the methods we had in place
before, there was a possibility that valid mail wouldn't get through.
That has always existed. Giving my personal address was simply to allow
another means for someone to get a hold of me. Of course, anyone can
always send mail to postmaster AT l14h DOT org which is really the
Anyway, the fact that we are having this conversation and that mailman
is processing fewer junk emails shows that it is working as we hoped.
More information about the lfs-dev