Greylisting to fight spam

A while ago, someone mentioned the concept of greylisting to fight spam. The concept is that the first time an email server connects to my mail server, my server would reject that connection with a delay message saying that the server should try again later, typically 4 hours later. The premise is that most spam servers or trojan horses try to send spam once and then don’t try again. Great in concept, but it would delay my email the first time someone sent me email. I didn’t implement it because I didn’t want the delay.

Recently, the IT guy for one of my clients started implementing this on their server, so I took another look. He pointed me to milter-greylist and it looked interesting; it was interesting as I could determine which addresses would use greylisting. So, I implemented it and set it up so that some of my secondary addresses would get greylisting support. I saw about a 20% drop in the number of messages that were hitting dspam. This is excellent as it reduced server load.

I still wish more ISPs would do more to prevent random users from sending mail via SMTP from home machines and more companies would implement SPF. Speaking of SPF, I ordered some stuff from BabyCenter.com and was surprised when I didn’t get my order email. I tracked down the problem; they published an SPF record:

babycenter.com. 3600 IN TXT "v=spf1 a:mailers.babycenter.com -all"

This means that all email comes from mailers.babycenter.com. That’s a problem as their online store is run off another server, so email from it doesn’t come from mailers.babycenter.com. Since my server uses SPF, it rejected the email. Nice try, babycenter.com, but please get a clue before implementing an anti-spam technique.
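
A domain owner can catch this kind of mistake before publishing a -all record by evaluating the record against every host that sends mail for the domain. The sketch below is an added example, not code from the original post or from babycenter.com; it handles only the a, ip4, ip6 and all mechanisms, and the IP addresses, the sender names and the corrected record are constructed for illustration.

```python
import ipaddress

# Constructed stand-in for DNS so the example runs offline. The addresses are
# documentation ranges, not babycenter.com's real hosts.
A_RECORDS = {"mailers.babycenter.com": ["192.0.2.10", "192.0.2.11"]}
SENDERS = {"mailer": "192.0.2.10",      # constructed: behind mailers.babycenter.com
           "store": "198.51.100.25"}    # constructed: the separate store server

PUBLISHED = "v=spf1 a:mailers.babycenter.com -all"                    # from the post
CORRECTED = "v=spf1 a:mailers.babycenter.com ip4:198.51.100.25 -all"  # assumed fix

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(record, client_ip, domain, a_records=A_RECORDS):
    """Evaluate an SPF record left to right; first matching mechanism wins."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"                       # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name == "a":                     # a with no argument means the domain itself
            host = (arg or domain).lower().rstrip(".")
            matched = any(ip == ipaddress.ip_address(a) for a in a_records.get(host, []))
        elif name in ("ip4", "ip6"):
            matched = ip in ipaddress.ip_network(arg, strict=False)
        else:
            raise ValueError(f"mechanism not handled in this example: {term}")
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"                          # nothing matched and no "all" term

def audit(record, senders, domain="babycenter.com"):
    """Return every sender that would not get an SPF pass under this record."""
    results = {name: check_spf(record, ip, domain) for name, ip in senders.items()}
    return {name: result for name, result in results.items() if result != "pass"}

if __name__ == "__main__":
    print("published:", audit(PUBLISHED, SENDERS))
    print("corrected:", audit(CORRECTED, SENDERS))
```

An empty result from audit means every listed sender passes; anything left in the result is mail that an SPF-enforcing receiver may reject.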
