Greylisting

From LQWiki
Jump to: navigation, search

Greylisting (or graylisting depending on where you're from) is a process of reducing the number of spam emails that even get onto your server. When a site first connects to your server on the incoming email port, it is checked against a graylist that the server maintains. If it is listed, the connection proceeds normally. If it is not listed, it is put on the list, and sent a response that means "try again after x minutes"). Real email servers will recognize this response, and will indeed try again a bit later, and being listed already will succeed in delivering their mail. The server keeps graylist entries only for a short while.

Spammers are generally more interested in the number of connections than reliability of delivery, and to keep their 'bots simple will often just junk the email and not try again. When this happens, the spam never makes it onto your server. This can be a big win because graylisting is much cheaper in resources than a full spam and virus check.

Graylisting is usually used together with whitelisting for good sites that will otherwise be erroneously blocked from connection. This might happen, for instance, for a mail hub with many hosts sending mail. A callback might be sent from a different host, and sent to the graylist again and again. These whitelists allow such sites immediate connection. The list of such sites is usually not terribly long, and checking does not cause great resource use.

Software

See also