Most spamming servers will try to deliver a message to the receiving server and give up if they don't receive a quick response. This is usually an automated process by the spammer and retrying message delivery is highly unlikely and difficult to manage if they did retry. Kind of like a shotgun approach where the spammer hopes 10% of their messages reach their target and then forget about it. A "real" mail server however will retry delivery after a short period of time.
Greylisting allows you to temporarily reject an incoming session for a specified period of time. This will hopefully deter many spam servers from resending their messages.
How Greylisting works
- Connection is made from remote server
- Greylisting checks to see if the connecting IP is on the Greylisting whitelist
- If the IP is on the Greylisting whitelist the connection is allowed
- If the IP is not on the Greylisting whitelist, it checks to see if the IP is pending and whether it waited the specified time? If yes, allow, if not, return 451 warning message, example,
451 4.7.1 This server is currently unavailable, please try later. - This process is repeated for all connecting IP's and may be customized as needed.
What is by-passed (specific to VisNetic MailServer)
Local by-passing is automatically implemented using these options:
- By-pass trusted IPs and authenticated sessions (AntiSpam - Other tab)
- Exclude outgoing messages from spam scanning (AntiSpam - Other tab)
- Local-Local by-pass filter (simply sending TO and FROM a local domain)
- Greylisting by-pass file ('B' button, greylist.dat file)
Greylisting descriptions (specific to VisNetic MailServer)
Active
Check this option to enable Greylisting.
Allow new authorization after (Seconds)
Specify the amount of time that incoming connections should be temporarily rejected.
Delete pending sessions after (Hour)
Specify the amount of time after which any "pending" IP addresses are deleted from the database.
Note: "Pending" addresses are addresses which have tried to connect and have been rejected by Greylisting.
Delete authorized sessions after (Days)
Specify the number of days that an authorized IP address is held in the database.
Note: A value of 0 means authorized IP addresses will never be deleted. "Authorized" addresses are addresses that were rejected by Greylisting, but then accepted at a later retry from the same address.
Greylisting mode
Select the data that should be stored in the Greylisting database.
There are four possible modes:
- Sender - The e-mail address of the person sending the e-mail.
- IP - The IP address of the machine sending the e-mail.
- Sender and IP - Both of the above.
- IP+HELO/EHLO - IP address of the machine sending the e-mail and hostname sent in the HELO/EHLO command at the beginning of the SMTP session.
SMTP Response
You can optionally specify a custom SMTP response used when a connection is rejected by Greylisting. Your custom response will appear after '451 4.7.1'. If left blank the default SMTP response message is returned.
By-pass file (greylist.dat)
Press the B button to edit a Greylisting by-pass file, where you can specify senders, domains, and IP address ranges that will not be Greylisted. Examples are given within the file.
