On Tue, 2006-02-14 at 08:36 +1030, Tim wrote: > On Mon, 2006-02-13 at 15:29 -0500, Scot L. Harris wrote: > > Greylisting still works wonders since the bulk of the spam still > > appears to come from non-compliant zombie hosts which just spray email > > and don't bother to check any of the return codes. In combination > > with spamassassin you can achieve near 100% reduction of spam. > > But how much real mail gets stuffed up? I've seen many different > anti-spam techniques that cause more problems than they solve, leaving > some hapless author in a position that they don't know what went wrong, > nor have any way to sort out a solution. In my experience with greylisting very little if any mail gets "stuffed up". Probably the biggest problem is the perception that email is instantaneous, secure, and a reliable method of communication. The reality is that email is a store and forward system and many many things outside the control of the sender or the recipient can affect delivery of any particular email message. In general email is not secure, it is sent in the clear for the most part unless the parties involved have implemented a method to encrypt the messages. The RFCs provide the rules that MTAs are suppose to use to try and make sure messages get delivered. For the most part it a works very well. But even in the best systems problems can happen that will cause messages to be lost or delayed. If the MTA follows the RFCs greylisting will delay delivery of the message for a short period. The one big exception are those ISPs and other companies that have huge SMTP server farms that will retry the message from a different server each time. Most of the important ones have been identified and each implementation of greylisting I have seen will whitelist those servers. Remember greylisting uses standard RFC rules to defeat spam. It sends a 451 error on the first attempt which means there is a temporary failure please try again later. After the greylisting timer expires any message coming from the same IP address with the same sender and recipient (tuple) will be allowed through. And for those that claim their emails are hyper important it would benefit everyone to place a phone call to verify receipt of such an important email. The URL below goes into a much better description. http://projects.puremagic.com/greylisting/whitepaper.html
