Wednesday, January 24, 2007

Basketball, Board Games, Spam Greylisting

Lost our basketball game last week, bringing us down to 3-3. We beat this team before, and we should have won this time, but we just weren't shooting well (IMO).

I was re-gifted a board game called Evolution for Christmas, and I took it to a "game night" hosted by some friends last weekend. A couple people said it was their new favorite game, and it was enthusiastically called, "Game of the Night." Perfect re-gift!

After hearing a friend singing the praises of greylisting, I implemented it on my mail server. I've had great results so far. I've only received a handful of spam in the last few days, and spam assassin has caught most of those. The downside is that the first email you get from every legitimate sender is delayed for a while, but once the source re-sends it, the sending address is whitelisted and not delayed again. It was definitely worth the 5-10 minutes it took to set up.

5 comments:

leff said...

greylisting sounds like a pretty good idea. Of course, it's only a matter of time before the spammers read that wikipedia article and rewrite their bots...

Aaron said...

If greylisting was widespread and spammers did re-write their software, they'd need more resources to handle the retention of all that mail. With postgrey (and I assume other greylisting software), you can choose how long to greylist someone for. If everyone chose to greylist new senders for an hour, for example, then spammers would have to try to send all their email, get temporary errors, and hold all that email for an hour before retrying. If they retried in less than an hour, they would just get another temporary error. Of course, greylisting will always just be part of the solution, at best. But the more it costs spammers to spam, the better.

Aaron said...

I wrote a little script to figure out how many messages went to my spam folder each day this month to see the impact of greylisting. I implemented greylisting sometime on the 22nd; the numbers in parentheses after the 22nd indicate the number of messages in my spam folder that were addressed to postmaster@, which is whitelisted in postgrey so that someone can contact me if there are greylisting problems:

01: 98
02: 134
03: 141
04: 129
05: 114
06: 84
07: 97
08: 145
09: 145
10: 152
11: 146
12: 117
13: 91
14: 146
15: 122
16: 95
17: 115
18: 118
19: 118
20: 101
21: 92
22: 64
23: 23 (17)
24: 27 (20)
25: 37 (28)
26: 40 (30)
27: 19 (11)
28: 25 (22)

So, I basically went from 90-150 spams a day to 5-10 (plus whatever spam to postmaster would get through greylisting), not taking into consideration spam that made it into my inbox, which has been reduced to almost nothing.

leff said...

So, I need to start hosting my own mail server so I can hook myself up. My web host email doesn't make it easy.

Aaron said...

As long as you're willing to accept the potential downsides of doing it on your own. For example, I won't be a happy camper when my hard drive crashes =) Have you considered using GMail to host the email for your personal domain? I'm fairly happy with their spam filters.