Greylisting

By
Pank
on January 13, 2005 1:11 AM | | Comments (0)

Greylisting is a new method of blocking significant amounts of spam at the mailserver level
It's a good method but the mail will be delayed at first time with same "triplet".

ref. Whitepaper | Links to Implementations and Information

"triplet" are

  1. The IP address of the host attempting the delivery
  2. The envelope sender address
  3. The envelope recipient address
The specific methodology for a fairly basic Greylisting implementation is as follows:
  1. Check if the sending relay (or network) is whitelisted, and if so, pass the mail.
  2. Check if the envelope recipient (or domain) is whitelisted, and if so, pass the mail.
  3. Check if we have seen this email triplet before.
    1. If we have not seen it, create a record describing it and return a tempfail to the sending MTA.
    2. If we have seen it, and the block is not expired, return a tempfail to the sending MTA.
    3. If we have seen it, and the block has expired, then pass the email.
  4. If the delivery attempt should be passed and the delivery is successful:
    1. Increment the passed count on the matching row.
    2. Reset the expiration time of the record to be the standard lifetime past the current time.
  5. If the delivery attempt has been temporarily failed:
    1. Increment the failed count on the matching row.
    2. If the sender is the special case of the null sender, do not return a
      failure after RCPT, instead wait until after the DATA phase.

Categories:

Leave a comment

Categories

Monthly Archives

Search

March 2009

Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        

About this Entry

This page contains a single entry by Pank published on January 13, 2005 1:11 AM.

Virtual Tunnel was the previous entry in this blog.

Yahoo! Desktop Search is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.