« His Majesty's Dragon | Main | ReadyNAS NV »
October 21, 2006
Greylisting Rocks
I remember reading the Greylisting White-paper whilst in Grad School and immediately loving it. It's a simple, elegant, and (based on the last 12 hours) very effective anti-spam technique.
Basically, you configure an MTA (mail transport agent, the things that route email around the Internet) to send back a transient delivery failure code on the first delivery attempt from an unknown sender. A well behaved MTA will reattempt delivery after a while, whereas many spammers simply see that as a delivery failure and give up. Once a sender has behaved correctly, they're added to an automatic whitelist for a few days, so subsequent messages aren't delayed.
For whatever reason, my spam filter (SpamAssassin) has had a steady decline in stopping spam hitting my inbox. I average between a thousand and fifteen hundred spam messages per day, and whereas 6 months ago I'd see around five make it to my inbox, lately closer to a hundred a day have been making it through.
Yesterday I decided to do something about it. For a set of long and uninteresting reasons, I'm still running sendmail as my MTA, so I did a bit of research into greylisting plugins for sendmail, and found milter-greylist, which installed on my fedora box as easily as
$ yum install milter-greylist milter-greylist-sysv
After that it was a matter of rebuilding my sendmail configuration to include the necessary directives, and adding my domains to the greylist config.
12 hours later my incoming spam count has dropped to fewer than 200 messages, and of those subject to greylisting (not all the addresses that actually reach me were included in the config initially) 3 made it into my inbox. This morning I added a bunch of addresses to the greylist config (the machine hosts several domains, including a couple used for business, so I left immediate delivery as the default) and expect the success rate to further improve over the next day or so.
Posted by dberger at October 21, 2006 12:11 PM