Re: What is GreyListing
> If you have to go through one 4xx messages to send a message then it
takes
> twice the network bandwidth to send a spam and more than twice the
effort
> (queues have to be maintained etc). If you were to require more than
one 4xx
> message and a longer time-out then it makes it even more work for the
> spamming machine and thus reduces the volume of spam that can be sent
before
> the machine is put on black-lists and/or shut down.
In my experience, you have 2 situations:
1) an open relay
in this case, the violated mail server will keep track of the spams it is
sending, and will retry again later. However, most times the server being
violated will slow down under the load of spams being sent, and the admin
will notice this and close the relay. So the second or third attempts
never get done because the admin closes the relay before they are
re-tried.
2) spammer server / open proxy
in this case, there is usually no queue as the spammer uses custom
software to belt out as many emails per minute/hour as possible. Usually
it has a huge list of emails, and a selling point is the "thoughtput" of
emails per minute. These programs usually try to minimize bandwidth usage
per email, so no re-tries are done and the connection timeout is pretty
short, and give up quickly. I notice this when spammer servers connect to
our servers.
Overall, it is a good thing to make them retry as Russell said, because
most times no second or third attempt is ever made!
Jas
Reply to: