Posted on February 1, 2008 at 6:23 am

Greylisting

OK so I’ve long been quite opposed to the use of greylisting.  Recently I had a pretty major personal mail server crash and that’s caused me to at least give it a try and seriously rethink that.  So when I rebuilt the mail server for wgops.com (yes I know, it’s probably STILL blank) I went ahead and installed a piece of greylisting, and other misc. spam control policy software on the Postfix based mail system.  Debian packages a number of them by default but the one I am testing out is postfix-policyd.  

Right off I had an issue with a false positive rate that was killing delivery from a few less-than-perfectly-well-behaved newsletter senders that shall remain nameless.  After I cleared them up I then hit some false positives unrelated to greylisting, and related to recipient limiting.  Moral of that is you should use simpler software, not more complex.  It took me a while to figure out why a few things were getting blocked.

The results have been pretty dramatic.  I’ve only been running it about a week but the only spam I’m receiving now is stuff that comes in via relay through “approved” hosts.  Places like my administrative contact addresses for mailing lists that aren’t filtered by some form of challenge-response (I’ll talk about my feelings on challenge-response later…they’re not very positive) or greylisting mechanism themselves.

In time I’m pretty sure the spammers will adapt and get their crap back into my inbox though.  My next step is to figure out how to deploy the greylisting technique to our large, busy mail cluster at work, reliably.  

Tags:,