Why I hate greylisting
Greylisting has for the second time delayed a verification e-mail. From the Wikipedia article about greylisting:
Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again after a delay, and if sufficient time has elapsed, the email will be accepted. ... Greylisting is effective against mass email tools used by spammers that do not queue and reattempt mail delivery as is normal for a regular mail transport agent.
Essentially, greylisting is said to "work" for two reasons:
- It delays spam, so a DNSBL or similar can pick it up earlier
- One-off sending attempts by spammers, whose MTAs don't retry, fail; this applies especially to botnets
I think the DNSBL claim is partially valid, but I do think that it won't be very effective if DNSBLs take a long time to update, which can happen.
As for one-off/no-retry MTAs, spammers can just work around greylisting by retrying. It is not too hard to do that, is it? Nor does greylisting block the retrying MTAs that spammers use when they set up their own mail servers. And botnets can be blocked by checking whether the connecting IP is a consumer IP, by inspecting the ISP/ASN/etc.
So to sum it up, greylisting mostly delays e-mails. It might work at catching some spammers, but I don't think it is worth the hassle.
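The mechanism quoted above and the retry argument can be seen in a small simulation. This is an added example, not code from any real MTA; the (IP, sender, recipient) triplet key, the 300-second delay, the addresses and the retry schedules are all assumptions constructed for illustration.

```python
# Added example: minimal greylisting decision logic (not taken from a real MTA).
from dataclasses import dataclass, field

MIN_DELAY = 300  # assumed: seconds a new triplet must wait before acceptance


@dataclass
class Greylist:
    min_delay: int = MIN_DELAY
    first_seen: dict = field(default_factory=dict)  # triplet -> first attempt time
    passed: set = field(default_factory=set)        # triplets already accepted once

    def check(self, ip, sender, rcpt, now):
        """Return the SMTP reply a greylisting MTA would give for this attempt."""
        triplet = (ip, sender.lower(), rcpt.lower())
        if triplet in self.passed:
            return "250 OK"
        first = self.first_seen.setdefault(triplet, now)
        if now - first >= self.min_delay:
            self.passed.add(triplet)
            return "250 OK"
        return "451 4.7.1 Greylisted, try again later"


def deliver(greylist, ip, sender, rcpt, attempt_times):
    """Replay a sender's attempt schedule; return the delivery time or None."""
    for t in attempt_times:
        if greylist.check(ip, sender, rcpt, t).startswith("250"):
            return t
    return None


def demo():
    gl = Greylist()
    # Constructed senders (documentation IP ranges, example domains).
    return {
        # Regular MTA sending a verification e-mail, retrying at 5 and 15 min.
        "legit_retrying": deliver(gl, "192.0.2.10", "verify@example.org",
                                  "me@example.net", [0, 300, 900]),
        # Fire-and-forget sender: one attempt, never retried.
        "spam_one_shot": deliver(gl, "198.51.100.7", "x@example.com",
                                 "me@example.net", [0]),
        # Spammer running an ordinary retrying MTA on its own server.
        "spam_retrying": deliver(gl, "203.0.113.5", "y@example.com",
                                 "me@example.net", [0, 600]),
    }


if __name__ == "__main__":
    print(demo())
```

The legitimate verification e-mail arrives only at its first retry, the one-shot sender never gets through, and the retrying spam sender is accepted like any other MTA.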
- Botnet protection
  - Require a PTR record pointing to the alleged mail server. This will eliminate most consumer IPs; it may get a few badly configured mail servers stuck, but that is their fault.
- Catching spam via DNSBLs picking up spammers after the greylist period
  - Greylisting is the only thing that works in this scenario.