Only the Persistent Get Trough
Basically, graylisting means only mail from senders who are persistent enough gets through. The assumption is that spammers are too lazy to keep trying.
Before accepting incoming mail, a mail server looks at
- who mails
- whom from
- where.
If the combination is new, the mail server sends back a temporary delivery failure. Legitimate mailers (or open relays abused by spammers) will try again. After a certain delay the message is accepted and the source-sender-recipient combination is put on a white list for some time.
Spammers usually will not have their software configured to try again after such a temporarily delivery failure. Thus, their mail never arrives.
The Benefits of Graylisting
Unlike client-side filtering where the (legitimate) sender may never know their message was trashed, graylisting is
- relatively transparent.
All senders are notified about the temporary failures.
The main benefit of graylisting is that it
- places some burden on spammers and, in particular, on open relays
as they have to continuously try to deliver spam. This provides some incentive for the relaying server to be closed.
Problems of Graylisting
The
- burden placed on innocent parties
is also one of the problems of a graylisting approach. Having to keep lots of mail in a queue requires disk space.
All mail through a graylisting server that is not (yet) whitelisted
- will be delayed.
If the delay is one hour, for example, and the mail servers don't process their queues continuously, a quick email exchange with some support desk that takes about 15 minutes without graylisting could take, maybe, three hours with tempfailing in place on both sides.
Graylisting operates under the assumptions that spammers are lazy and that their mail servers don't behave correctly. While both assumptions are probably true, spammers also do want their messages to be delivered.
If graylisting is used widely,
- spammers will certainly adapt.
The net effect then probably is that a lot of mail (including spam) is unnecessarily delayed.
