Wednesday, May 2, 2007


A few days ago I discovered one of the coolest pieces of technology that I have seen in a long time. It is a powerful technique for dealing with spam e-mail, called greylisting. The basic principle has to do with how an RFC-compliant mailserver is supposed to respond to SMTP error codes. If an e-mail cannot be delivered due to a temporary condition on the receiving mailserver, the receiver can send a "temporary error; try again later" message to the sender, and the sender is supposed to respond when "later" actually arrives.

Greylisting servers employ this simple technique to great effect. When an e-mail arrives at a greylisting mailserver, it records some basic details about the e-mail, then sends an error message back to the sender saying that the destination address isn't available. "But try again in 5 minutes, okay?" Of course, most spam mailservers don't stick around for this kind of nonsense; they just go on to the next addresses they have in their list. But a normal, RFC-compliant mailserver will try again in five minutes, and at that point the graylisting server will let the e-mail through. The result? A nearly total elimination of spam e-mails.

Users of the postfix mailserver can use a project called postgrey. I installed postgrey a few days ago. Since I installed it, I haven't gotten a single spam e-mail. Go postgrey!

Alas, this great technology does have some negative effects, too. I am sad to say that I no longer hear from my harem of Russian girlfriends. However, since the flow of "male enhancement" drugs has also stopped, it's probably all for the best.

Seriously though, there are a few mailservers out there that aren't RFC-compliant when it comes to this behavior, so it is possible that one of your friends will suddenly get bounced e-mails from you with strange 45x errors. It is pretty unlikely though; the vast majority of mailservers in use are good about handling these errors properly.

1 comment:

Alan Rosenwinkel said...

well next time I run my own email server, I'll try that :-) Seeing as it took me 6 days to get my last one running, I doubt I'll try again anytime soon!

php hit counter