Available from Mailtraq build 220.127.116.1180. Upgrade your Mailtraq now: Upgrading
Greylisting - Defending you from spam
Greylistingw is an extremely effective anti-spam technique because the majority of spam sending applications are not real mail transport agents. Spam is sent out in extremely large quantities (often millions of recipients) and queueing messages for retry is usually impractical. Even if the spam software is capable of retrying, there is a relatively small window of opportunity before the IP address becomes blacklisted so it is more cost-effective to move on to other hosts. Similarly, your system is more likely to find the sending IP address on a blacklist if it retries later.
When active, the first time that a particular message is sent to a particular recipient on your system it is rejected with a transient error. To conform to RFC2821 the sending mail transport agent must queue the message and try again later. A later attempt will be accepted.
Greylisting is available to all Mailtraq Professional users who receive their email direct from the Internet by SMTP. The configuration is accessed from the SMTP service:
We recommend that you follow the example configuration set out below for effective and trouble-free operation. You can learn more about Greylisting herew
Enabling DBL Verification is optional.
You can just let Greylisting do its thing and it will work even more effectively.
However... it can result in delayed mail and additional work for legitimate servers. For that reason we recommend restricting Greylisting to servers that fail the tests described above, you will get close to maximum efficiency while only targetting likely spam senders.
But that is entirely up to you.
Configuration advice - Greylisting & Blacklisting
Greylisting and Blacklisting use the same DBLs, but the blacklisting applies if the score exceeds 100 (i.e. message is rejected) while Greylisting simply activates if the score is over the specified value.
In theory a spam sender could retry and bypass greylisting while still having a known spam sending IP address according to Spamhaus. For that reason both should be used.
pbl.spamhaus.net checks for known dynamic IP addresses. This is a very good spam indicator, but not 100%. It gets about 2% false positives which is pretty high, so it is useful to tagging the header for later
Bayes analysis and for activating greylisting, but we wouldn't recommend actually using it to reject mail.