Greylisting temporarily rejects mail from unknown sources on the theory that real mailers will retry while spamware won’t. I outline a taxonomy of greylisters and report some statistics both on anti-spam effectiveness and its effect on non-spam mail. 1 Why Greylisting? For many years, large amounts of spam has been sent through purpose-built spamware, rather than normal MTAs. If recipient hosts can identify distinctive characteristics of spamware that differ from legitimate MTAs, the recipient hosts can reject mail from spamware during the SMTP session, avoiding the need to receive the spam. Spamware consistently does little or no error recovery. If it can’t deliver a message, it just goes on since in spamming, volume counts for far more than reliability. Greylisting tries to detect spamware by rejecting mail from unfamiliar sources with a soft fail 4xx) error code, on the theory that real MTAs will retry, and spamware won’t. Another, less well developed application of greyli...
John R. Levine