Greylisting

So I've turned on Greylisting for my personal mail server (for theducks.org / bluplanet.net / alexdawson.net) .. it's very very cute. Basically, most spam is sent from PCs running Windows, infected with viruses that make them anonymous spam relay bots. These relays aren't very smart, so if you accept or don't accept the mail, it doesn't care, it only tries once to send it. It has millions more messages to send out.

Greylisting puts the onus on a mail server to prove that it is /not/ a spambot. It does this by keeping a track of everyone who emails you - their return address, what email they tried sending to and what the mail server that tried sending was. If it receives a message that does not match any previous triples, it sends back a message saying (effectively) "something went wrong on my end.. it might work again in a few minutes". Good mail servers will receive this error message, wait a while and try again. Spam bots won't.

I've been running it since lunch time today, and it's dropped 70 spams. I've now got whitelists in for livejournal and some other stuff, so we'll see how it goes. I'm not sure how long I'll keep using it, but if it works, it will be quite cute.