|
E-Mail Greylisting
DotNetted accounts by default have greylisting applied to reduce the amount of spam / junk reaching our users mailboxes.
The way greylisting works is that when a mail server connects to our mail server to deliver a mail for the first time our mail servers initial response is to send back a 451 code which tells the connecting server that the server can't accept messages and to retry in a few minutes. The details of the mail server are recorded and if it tries again to send the same e-mail within 6 hours it will then be allowed through.
The idea is that compromised machines spewing out spam are not mail standards compliant so when they receive the 451 code they will simply drop the connection and not come back. However a real mail server will understand the message and try again later as requested at which point the mail will be delivered.
Greylisting does cut out a huge amount of spam however there are some potential downsides that need to be understood :
a) Mail delivery may be delayed - in the 451 response that we give to a server when it first connects we tell the server to reconnect after 2 minutes and if they do resend within 6 hours the mail will go through. However most mail servers have their own individual settings for retrying mail so when the mail gets retried is down to how the sending mail server is configured. Most mail servers are properly set up and will retry at some stage between 10 minutes and an hour so mail can be delayed this long however there will always be some that are badly set up and take longer to retry, our server allows up to 6 hours for the sending server to retry after which it will be treated as a first attempt again.
It's worth noting that once a server is allowed to send a mail this is recorded for 90 days so if another mail comes through from the same server with the same to / from address within 90 days it will bypass the greylisting, as such mail from the same person will only be delayed by greylisting the first time they e-mail you, after this it will come through immediately.
b) Some mail servers are simply badly configured and will be prevented from sending as their system does not work with greylisting - we have found some mail systems which deliberately rotate the IP address mails are sent from in an effort to avoid spam blocking, as the messages come from a different IP each time our system will greylist them each time and the message may be greatly delayed or potentially never received.
Turning off greylisting
By default greylisting has been applied server wide but you can turn it off for a particular mailbox by logging into the mailbox via webmail and ticking the bypass greylisting box. Alternatively if you want greylisting removed for your domain as a whole let us know and we can switch it off.
Adding an address / domain to the trusted senders list for your domain will also bypass the greylisting.
There is no doubt that greylisting works in removing spam as we've seen a huge reduction since it's introduction however this needs to be balanced against potential delayed delivery. On our own domain we have enabled greylisting for all mailboxes except for support@ - we don't believe that any legitimate mail has been blocked due to the greylisting but it is essential that we receive all mail to support@ so just suffer the spam on that one mailbox.
|
