
Greylisting Not Really Blocking

eacobb

Guest
Givens: Installed greylisting per instructions, Plesk 8 with FC4 at Spry, MySQL database is being updated.

I get the 5 minute delay as I specified in the config file. However, spam seems to still come through. All domains keep getting spam.

Is there something different I should do since I have multiple domains hosted on the same server?

Thanks,

Eric
 
It's not a silver bullet; you're still going to get spam with greylisting. It's just going to cut down on those spammer MTAs that don't retry sending messages when they encounter an error.
 
More Info

I'm still concerned. I've read many many posts in this forum about spam going from 200 a day to 2. Or no spam at all. Etc. My clients go from 200 a day to 190. It still seems something's not right.
 
Also, do you think it would help to increase the "wait" time from 5 minutes to 10? Or will this not matter if the remote MTA will still retry?
 
200 to 190 is a lot more realistic, to be honest. I'm very dubious of any claim that high. Aside from a well-trained Bayesian database, I've never seen anything have that level of consistency in blocking spam.


Greylisting functions by creating a temporary mail failure that causes the sending mail server to retry the message. Spammer MTAs, which are usually very basic CGI scripts, trojan mailers on desktop systems, or a custom mail server, will not try to resend messages on that error message. It is on these servers that greylisting will block traffic effectively.

However, any normal mail server that has been rendered an open relay, which is the vast majority of spam sources, will retry the message when it encounters the temporary failure. I suspect that the reason why people report major success is that in the first 24 hours or so, greylisting does have an effect on those systems, because they can't retry for a day or more. Once those hosts start to get whitelisted, the volume once again resumes.

This is why it's important to combine multiple levels of anti-spam systems together. Greylisting, RBLs, SURBLs, Razor/DCC/Pyzor, and a well-trained Bayesian db (this IMHO is creepy good once it's well trained).
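
The behaviour discussed in this thread, as an added example that is not part of any post and not the code of the greylisting package the original poster installed: a simplified model of the greylisting decision over the (client IP, sender, recipient) triplet, run against two constructed senders. The addresses, retry schedules and the `Greylist`, `deliver` and `simulate` names are assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Greylist:
    delay: int = 300                           # seconds a new triplet must wait (5 minutes)
    seen: dict = field(default_factory=dict)   # triplet -> time of first attempt
    passed: set = field(default_factory=set)   # triplets that retried successfully

    def check(self, ip, sender, rcpt, now):
        """Return the SMTP reply code for one delivery attempt at time `now` (seconds)."""
        triplet = (ip, sender.lower(), rcpt.lower())
        if triplet in self.passed:
            return 250                         # already whitelisted: no further delay
        first = self.seen.setdefault(triplet, now)
        if now - first >= self.delay:
            self.passed.add(triplet)
            return 250                         # retried after the delay: accept, whitelist
        return 451                             # temporary failure: "try again later"


def deliver(gl, ip, sender, rcpt, attempt_times):
    """Simulate a sending MTA that attempts delivery at each time in attempt_times."""
    for t in attempt_times:
        if gl.check(ip, sender, rcpt, t) == 250:
            return t                           # time at which the message got through
    return None                                # sender gave up: never delivered


def simulate(delay):
    gl = Greylist(delay=delay)
    rcpt = "eric@example.com"                  # constructed recipient
    # Constructed sender 1: a one-shot mailer that never retries.
    one_shot = deliver(gl, "192.0.2.10", "a@spam.example", rcpt, [0])
    # Constructed sender 2: a real MTA (e.g. an open relay) retrying every 15 minutes.
    relay = deliver(gl, "198.51.100.7", "b@spam.example", rcpt, [0, 900, 1800])
    # Same relay and triplet a day later: it is whitelisted now.
    relay_again = deliver(gl, "198.51.100.7", "b@spam.example", rcpt, [86400])
    return one_shot, relay, relay_again


if __name__ == "__main__":
    for delay in (300, 600):                   # 5-minute vs 10-minute wait
        print(delay, simulate(delay))
```

With either wait time the one-shot mailer is never delivered, while the retrying relay gets through on its first retry and is accepted immediately afterwards, which is why raising the delay from 5 to 10 minutes changes nothing for senders that keep a retry queue.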
 