What is Greylisting?
Greylisting is a method of verifying legitimate emails, it looks at three pieces of information (known as a triplet) relating to each mail delivery attempt:
The IP address of the server sending the message
The sender address
The recipient address
Greylisting checks messages and if the system has never seen this triplet before, it will refuse delivery and any others that may come within a certain period of time, with a temporary failure. If the sender is legitimate their server will retry after a specific time and the message is allowed through.
There is further explanation here: http://en.wikipedia.org/wiki/Greylisting however the article seems biased against Greylisting, it lists a lot of disadvantages. Most of the disadvantages listed are not a problem in the modern world of Greylisting, and have not been a problem for us. There is also a lot of information at http://www.greylisting.org/ including links to a lot of technical information.
Does it work?
Yes! We cut our own spam by over 99%, we recieve on average less than one spam message per day. While many were concerned a couple of years ago when Greylisting first started being implemented that spammers would be able to re write their spam software to circumvent it, that has not eventuated. Spam still originates from bogus sources which can not act like real mail servers, and it is now very rare for spammers to take over legitimate mail servers.
Will it prevent legitimate mail reaching me?
In most cases it won't. It will only delay them and it sends a message back to the originating address telling them this has occured. Depending on the configuration of the originating server, the first message about delayed delivery may not even be sent, the server will retry after a period of 5-10 minutes and the legitimate mail is delivered. There are now very few mail servers that can't deal with Greylisting.
Is it widely used?
It seems to be gaining popularity as other methods fail. If you have had a message come to you mentioning a temporary delay and something about greylisting chances are somebody you are communicating with is using it. Many ISP's, hosting providers, and businesses that run their own servers are using the method because it is so effective.
Do you use other methods?
Yes, we use block lists at Spamhaus and Spamcop, the Sender Policy Framework and we also filter messages containing viruses (deleted) and known spam addresses and terms (marked [CWS SPAM DETECTED]).
UPDATE 28/04/09
After a year in operation Greylisting has been a success for CWS and our customers. We still have on average less than one SPAM message per day and very rarely experience long delays.
