Greylisting
After some initial reluctance, we are now using email greylisting on our own account. If our trial proves successful, and it is looking good so far, we will roll it out to our customers.
What is greylisting?
As Wikipaedia explains,
Greylisting (or graylisting) is a method of defending email users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again and the email is accepted. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and cannot afford the time delay to retry.
Typically, a server employing greylisting will record the three pieces of data known as a "triplet" for each incoming mail message:
- The IP address of the connecting host
- The envelope sender address
- The envelope recipient address(es)
This is checked against the mail server's internal database. If this triplet has not been seen before (within some configurable period), the email is greylisted for a short time (also configurable), and it is refused with a temporary rejection with a SMTP 4xx error code. The assumption is that since temporary failures are defined in the SMTP RFC standards, a legitimate server will try again to deliver the email.
If any of our customers wish to move onto greylisting right now, just get in touch, and we will switch their configuration over to use it.
