[nycbug-talk] greylisting (was OT: Spam Filters)
nycbug at cyth.net
Thu Oct 23 14:58:30 EDT 2008
On Thu, Oct 23, 2008 at 2:43 PM, N.J. Thomas <thomas at zaph.org> wrote:
> * N.J. Thomas <thomas at zaph.org> [2008-10-23 14:24:14+0000]:
>> Most sysadmins I know that use Postfix as their MTA say that
>> greylisting (IIRC they mostly all use postgrey) cuts something like
>> 60-95% of the spam they get
> This reminds me of when greylisting first came out (ca. 2003 I believe),
> a lot of people -- myself included -- figured that spammers would adapt
> to it fairly quickly.
> I figured we had about a year or two before spammers would just rewrite
> their software to handle it. I'm *really* surprised to see this
> spam-reduction technique still catching as much as it does today.
> Wonder why this is.
> My theory (that I can't back up in any way) is that either the people
> sending the spam haven't updated their spam-mailing software to the
> latest version or that spammers don't want to waste their time with the
> small percentage of people who greylist when a larger share of folks
> don't use it.
Well, you can no longer just fire-and-forget, you actually have to
find a way to create a window open by sending the same message to a
host several times. The dumb way of doing this would be to have an
actual queue and store up all the messages that were greylisted. Of
course, several million messages takes up a lot of space. There are
probably smart ways to circumvent greylisting, but I'd rather not
discuss them on a public mailing list. =)
More information about the talk