Fighting spam with greylisting and thunderbird

Greylisting is an effective way to fight spams. According to Evan Harris, “The Greylisting method is very simple. It only looks at three pieces of information”, the three pieces of information refers to “The IP address of the host attempting the delivery”, “The IP address of the host attempting the delivery” and “The envelope recipient address”. These three pieces of information called “triplet”, the way greylisting works is very simple: “If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure.” Here the certain amount time can be a few minutes to more than an hour, if the amount of time to delay the mail delivery is too long, some legitimate emails will be lost, if the time period is too short, it maybe defeated easily.

The principle of greylisting is simple and elegant, because most spams are fire and forget, meaning that spammers send a batch of spams once and never look back, and this behavior is necessary for spammers, if the spams behave  like legitimate emails it will be easy to identify the source and block the spams.

Of course, greylisting is just the first defense against spams, to be exact, those rogue and  random spams, there are also unsolicited emails from ad agencies, email campaigns, etc., these emails are not all spams but most of them are spams, these emails behave just like legitimate emails, and some of them are requested by the recipients, so we can’t just block them, we will have to find another way to fight them, in my case, mozilla thunderbird is the solution.

Mozilla thunderbird has a nice “Junk Setting”, you can enable “adaptive junk mail control” and train thunderbird to recognize legitimate emails(hams) and spams. When you receive an email in your Inbox, say it’s an ad from a company, and you don’t like it and consider it spam but the mail server won’t be able to block this email without losing legitimate emails, you can manually mark the email in question as junk, depends on your settings, the email will be moved into Junk folder automatically or you can move it into the Junk folder manually. You will have to do this a few times before thunderbird will automatically label this kind of emails as spam. Sometimes thunderbird will label legitimate emails as spam, you will have to unmark those emails and move them back from Junk folder, usually thunderbird will do it right after the training.

We’ve been running our own mail server with greylisting, spamassassin and clamav for more than 6 years and using thunderbird as our mail client from the very beginning, we probably will receive 2-3 spams a week per person right now, the  total email volume well exceeds a few thousands a week. So far the combination of greylisting and thunderbird works quite well, in fact we all love the simplicity of the way server and client side handling the emails, greylisting is transparent to end users, thunderbird junk mail control is really convenient to use, no hassle to the end users, together they deliver the real world wonders.

Leave a comment | Trackback
Mar 10th, 2010 | Posted in Business and Open Source
Tags: , ,
No comments yet.

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
RSS for comments on this post
CAPTCHA Image
*