OT: "greylisting" - looking for opinions

Kevin Spicer kevins at BMRB.CO.UK
Sat Jun 21 10:13:34 IST 2003


>On Sat, 2003-06-21 at 08:39, Ryan Bingham wrote:
>Sorry to crosspost for those of you who are on the SAtalk list, but I'd
>be interested to get your opinions on the concept of "greylisting" as
>a spamfighting tool (I apologize also if this has been brought up on
>the list before).  To summarize, it involves initially rejecting an
>SMTP session from an unknown source (this is oversimplifying  -- it's
>rather more that the entire SMTP session is "unfamiliar") in the
> expectation that a legitimate SMTP host will try again a short time
>later while a spamming host will not.

This was covered in some depth yesterday on Slashdot.org.  As I see it
there are two problems, the initial hour delay for the first message
with a given 'triplet' (try explaining to users that email isn't
instant!) and the ease with which the system could be circumvented [ For
example a spam tool could make two passes through its list, an hour or
so apart, just doing a HELO, MAIL and RCPT then aborting on the first
run, because this doesn't send any mail its unlikely to get added to any
blacklists until its into the second run, this would entirely defeat
greylisting as far as I can see ].  I think it may be a useful
short-term approach but is likely to only be successful for a short
time.  My other concern is that running it with SA would dramatically
reduce the amount of spam that the Bayes filter gets to learn from, so
it might even result in more spam getting through.:(




BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.



More information about the MailScanner mailing list