On Sat, Jan 27, 2007 at 09:32:54AM -0500, Jim Pingle wrote:
> To defeat this, wouldn't a spammer just have to send out the same spam twice
> in a row from the same machines, spaced apart by a little time?

Yes. But in practice, most spammers don't bother. They don't use a real SMTP server, but custom apps that can be run from zombies to push out as much spam as possible. See http://projects.puremagic.com/greylisting/whitepaper.html

> Bonus for the spammer: accounts on servers without greylisting would get two
> copies of the spam.

That's not a bonus. Think about it. Sending a message twice will cut the spammer's mail delivery rate at least in half.

> Greylisting is a decent idea, but it seems to me that it's just another tool
> in the ongoing arms race against spammers.

There is no silver bullet. But currently greylisting seems to stop around 95% of spam, and a lot of e-mail based viruses too. See the link above.

> It may work for a while, but eventually they'll catch on and it will
> only cause unnecessary delays for legitimate mail.

Since the "cure" for greylisting involves at least cutting the spam rate in half, I doubt many spammers will adopt it. As for delaying legitimate mail, SMTP is considered an unreliable transport. That is why RFC 821 allows for temporary failures. If you want to contact someone about something that is time-critical, you shouldn't use e-mail anyway.

Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
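The retry behaviour discussed in this message, sketched as an added example that is not part of the original e-mail or of any particular greylisting implementation: the server answers a first-seen (client network, envelope sender, recipient) triplet with a temporary failure and accepts it only when the same triplet comes back after a delay. The class name, the three timing constants and the /24 grouping are assumptions chosen for illustration.

```python
import ipaddress

MIN_DELAY = 300            # assumed: seconds a new triplet must wait before a retry counts
RETRY_WINDOW = 4 * 3600    # assumed: an unconfirmed triplet is forgotten after this long
PASS_TTL = 36 * 24 * 3600  # assumed: a confirmed triplet is accepted directly this long


class Greylist:
    """In-memory greylist keyed on (client network, envelope sender, recipient)."""

    def __init__(self):
        self.seen = {}  # triplet -> (first_seen, confirmed_at or None)

    @staticmethod
    def _key(client_ip, mail_from, rcpt_to):
        # Group by network so a retry from a neighbouring outbound relay of the
        # same mail farm still matches the first attempt.
        prefix = 24 if ipaddress.ip_address(client_ip).version == 4 else 64
        net = ipaddress.ip_network(f"{client_ip}/{prefix}", strict=False)
        return (str(net), mail_from.lower(), rcpt_to.lower())

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply code to give at RCPT TO time (451 or 250)."""
        key = self._key(client_ip, mail_from, rcpt_to)
        first_seen, confirmed = self.seen.get(key, (None, None))
        if confirmed is not None and now - confirmed <= PASS_TTL:
            self.seen[key] = (first_seen, now)  # refresh on each accepted delivery
            return 250
        if first_seen is None or now - first_seen > RETRY_WINDOW:
            self.seen[key] = (now, None)        # new or expired: start the clock
            return 451
        if now - first_seen < MIN_DELAY:
            return 451                          # retried too soon, clock keeps running
        self.seen[key] = (first_seen, now)      # queued retry after the delay: confirm
        return 250


if __name__ == "__main__":
    # Constructed sample: one sender that never retries, one MTA that queues.
    g = Greylist()
    print(g.check("198.51.100.7", "x@example.com", "u@example.net", 0))    # 451
    print(g.check("192.0.2.10", "a@example.org", "u@example.net", 0))      # 451
    print(g.check("192.0.2.10", "a@example.org", "u@example.net", 900))    # 250
```

A sender that never queues and retries only ever sees the 451, while a standards-following MTA is delayed once per triplet and then passes directly.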
