My personal ISP has started using Greylisting as a method to combat spam.
What is Greylisting?
Greylisting says that until proven otherwise we’re not going to trust an inbound mail connection. It takes the envelope from, the envelope to and the source IP address and forms a tuple. If it has previously let that combination through, then it will whitelist in. But for most mail it will give a temporary failure message. Real mail servers will try again at a preset time. Spammers wont. Even if spammer catch on to this game and reattempt delivery, the mail server can be set to not accept the new attempt for delivery for a default time period (20 minutes). This really throws a monkey wrench into the amount of mail the spammer can send. If the spammer is using a mail sender that will retry, perhaps by that point in time he would be blacklisted due to imput from other antispam sources.
Thus far I am very happy about this on my “vanity” domain name. Not sure if it would be good for business use. Some mail servers do not correctly retry after a transient error. (In my opinion non-RFC compliant mail servers should fix their stuff). Also in business use where a retry interval might be 4 hours minimum, it could really slow delivery. The auto-generating whitelist and manually generated whitelists for business partners would really help that. It remembers which tuple combinations “reattempted” delivery and adds them to a temporary whitelist. The greylisting server I use also adds people I sent mail TO to my whitelist.
I can see problems caused by things like SPF and ways around it. Greylisting has some interesting potential.
Check out the following links for more info. I certainly cant say everything about greylisting in a brief blog entry. I’m just trying to introduce a cool concept.