Regarding e-mail security; while I've become familiar with Blacklists as a security measure, Greylisting is somewhat new and I thought I'd share what I've learned and how it may impact or delay your ability to send e-mail to a recipient. Let's first review how they work:
Blacklist
A good definition can be found here, but in a nutshell IP addresses or e-mail addresses known to be sources of unsolicited commercial e-mail (UCE), better known as "spam", are registered into a blacklist and message traffic will not be accepted from members of this list.
- While this works fairly well, I've seen instances where a valid sender has been registered onto a blacklist. This can occur when a Directory Harvest Attack (DHA) has captured valid e-mail addresses and they are used as the sending address by spammers. It is may be necessary to contact the intended recipient or their service provider to have your address removed from the blacklist.
Greylist
A Greylist works in a different fashion and Paul Parisi, CTO of DNSStuff.com, was good enough to post a great definition. Basically, this solution operates under the assumption that spammers aren't likely to resend a message after a failed first attempt. Valid messages from a normal mail server will usually attempt to resend several times after a preconfigured delay, over a period of several hours.
- This also works well, but the engineered delay means that valid e-mail may not be delivered in a timely manner and the delay may result in an automated reply back to the sender that a message could not be delivered; when in fact it may have been. Some solutions may allow "known good" senders to be dealt with more quickly the next time they send a message.
Comment Preview