Merak Instant AntiSpam : Greylisting


Greylisting is a fancy method for spam controlling. It is based on the fact, that spammers and unsolicited email senders do not use machines compilant with internet standards. Greylisting prevents spam by responding with a temporary SMTP error after the fist attempt for message delivery. 99% of spam and viruses are sent from mail bombers (automated mail sending programs) which do not ever try to deliver the mail again, so these are blocked for good. Normal mailservers retry after a temporary error a bit later and Greylisting is allowing the message through.

Full text

PRAGUE 09/24/2005: The flash characteristics of greylisting would probably be an exclamation: "How primitive! Although, so efficient!" Greylisting is destructing spam with unbelieavable efficiency of about 80% with entirely trivial method: temporarily suspend mail delivery. However if the mail was sent by well-mannered mail server, the message will after all appear in your inbox.

The cornerstone of greylisting is a simple idea. Well-mannered and internet-standards compilant mail server is trying to deliver the message even though temporary rejection. The mail server (or MTA , Mail Transfer Agent) would after rejection put the message into a queue and would try the delivery after a time period again. Contrariwise, the overwhelming majority of spam is sent by a mail bombers (specialized mail sending programs), trying to deliver vast of messages to huge number of recipient in a shot spam of time. These automated mail bombers are too eager to send and deliver and do not ever bear to wait for responses or ever bear to retry the unsuccessful delivery.

The Greylisting is implemented on the recipient side - in Merak Email Server. Merak Email Server records three pieces of information at the moment when any e-mail is being received:

  • The IP address of the machine sending the e-mail,
  • The e-mail address of the person sending the e-mail,
  • The e-mail address to which the e-mail is being delivered.

In the moment, Merak captures the triplet, it will look into database and compare the information with the data in the internal database. If the sender is authorized, Merak will deliver it normally into users mailbox.

In compliance with the internet standards specification, when a mail server receives a temporary "4xx" error, it have to queue the message and retry to deliver it later on. For genuine email messages and genuine mail server, this process is normal and standard. Correctly configured mail server will redeliver their messages and thus greylisting is not representing a delivery challenge to them. On the other hand the applications used by spammers do not redeliver message because it would decrease the total number of messages they would send. If Greylisting would become an overally deployed technology, the number would be reduced.

One of the advantages is that the mail message is rejected at the moment of arrival to mail server and thus is not transmitted as a whole. This is helping you to save your connectivity and internet resources. Our tests with 5 minute delay - which is bearable - have proven that as high as 80% all spam was destructed by Greylisting. If you are not convinced, see also statistics data at other websites dealing with greylisting, for example

About IceWarp

IceWarp, Ltd. was started in 1999 with the development of Merak version 1. Merak’s exceptional product stability, performance and reliability quickly escalated its global adoption rate with ISPs and businesses. Over the years, IceWarp has maintained a technology leadership position by continuing to advance Merak through many industry-firsts, including:

  • First mail server supporting SSL
  • First mail server with Web mail
  • First integrated multi-threaded antivirus
  • First integrated anti-spam
  • First GroupWare with API (ODBC based)
  • And now, the first server with integrated FTP and Web server capabilities.

Contact address

IceWarp Ltd. is located at City House, 6 Karaiskakis street, CY-3040 Limassol, Cyprus