Greylisting of Incoming Messages

By | November 25, 2009

Greylisting (or graylisting) is a technique of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize as a legitimate one. If the mail is legitimate, the originating server will, shortly stop for some time and tries again and if sufficient time has elapsed, the email will be accepted. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and typically cannot afford costs involved to retry. Greylisting is based on the assumption that spammers and spambots will not retry sending their messages but will move on to the next message and the next address. This method is effective since a retry means the state of the message and the process must be stored inherently, which increases the cost incurred by the spammer.

Greylisting emphasizes on the technique of temporarily rejecting messages from unknown mail servers. A temporary rejection is recognized with a temporary error code 4xx that is recognized by all normal Mail Transfer Agents (MTA)s,which then proceed to retry delivery later.

The main advantage of greylisting is that there is no need of any modification from the user’s point of view. The benefits for the administrator are two fold: it takes minimal configuration to get up and start running, and rejecting email with a temporary 451 is very cheap in system resources.

You may also like to read:
Enforcing Simple Mail Standards
Invalid Pipelining of Messages
HELO/EHLO Checking Of Connections
Implementing Greeting Delay
No Use In Responding To Spam
Keystroke logging: Types of Keystroke loggers