Difference between revisions of "Greylisting"

From SupraWiki
Jump to: navigation, search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 +
[[category:Fighting Spam]]
 +
 
You may have received an error similar to this when attempting to send an email:
 
You may have received an error similar to this when attempting to send an email:
  
Line 32: Line 34:
  
 
* [http://slashdot.org/articles/03/06/20/168203.shtml?tid=111&tid=126 Slashdot | The Next Step in Fighting Spam: Greylisting]
 
* [http://slashdot.org/articles/03/06/20/168203.shtml?tid=111&tid=126 Slashdot | The Next Step in Fighting Spam: Greylisting]
 
  
 
* [http://www.ietf.org/rfc/rfc2821.txt Internet Engineering Task Force, RFC 2821]
 
* [http://www.ietf.org/rfc/rfc2821.txt Internet Engineering Task Force, RFC 2821]
 
  
 
* [http://greylisting.org/articles/whitepaper.shtml The Next Step in the Spam Control War: Greylisting]
 
* [http://greylisting.org/articles/whitepaper.shtml The Next Step in the Spam Control War: Greylisting]

Latest revision as of 16:51, 30 November 2006


You may have received an error similar to this when attempting to send an email:

Recipient address rejected: Greylisted for 115 seconds, see http://supranet.net/greylist/

Please read on!

What is Greylisting?

Greylisting is a term used for a process that reduces the amount of unsolicited e-mail (SPAM) delivered to e-mail addresses by capitalizing on SPAMmers' reluctance to configure their mail servers according to internet standards. With greylisting, our servers maintain a record of three pieces of information when an e-mail is received:


  1. The IP address of the machine sending the e-mail.
  2. The e-mail address of the person sending the e-mail.
  3. The e-mail address to which the e-mail is being delivered.


This set of information is captured and recorded on the servers, and communication with the sender's server is terminated with an error code before the content of the e-mail message is received. Our servers reply to the sending server to say essentially "Sorry, we're too busy right now. Please try again to send this e-mail later." The error message (called a "400-level error") is specifically "temporary" and properly configured mail servers will queue the message and retry after some period of time.


Once 3 minutes passes, the message is then passed through without this delay. From that point on, anytime a message with the matching information is received, it is delivered immediately.


Why does greylisting work?

According to the internet specification, when a mail server receives a "400-level" error, it must queue the e-mail message and try later to deliver it. For legitimate e-mail, this process is standard and mandatory. Properly configured mail servers will redeliver their messages appropriately and greylisting should not represent a delivery challenge to them.


Because SPAMmers send hundreds of thousands of e-mails per day to addresses they do not know to be working, they generate a large number of bounced messages. Acknowledging server responses for these messages, storing the messages on a server for some period of time, and redelivering them again represents for SPAMmers a resource-intensive process that might very well not return sales of their products or services. As a result, they intentionally misconfigure their mail servers. By requiring that every incoming e-mail message comes from a properly configured mail server, a large portion of SPAM is filtered.


More Information