Greylisting explained

Posted by zdravko on 27 Oct 2010 at 11:02 am | Tagged as: Tech

Well, I bet you know what a SPAM e-mail message is, so I am not going to explain it to you. Rather, I will show you how to fight SPAM. One of the most powerful tools against SPAM to choose from is greylisting. And it happens that over the last day there was a SPAM storm attack against a server running this tool, which is a perfect example of how it works in action. Take a look at the following picture:

[Figure: Greylisting in Action]

I will explain it step by step:

  1. Greylisting will “temporarily reject” any email from a sender it does not recognize (putting it in the Pending queue – represented by the blue line).
  2. If the mail is legitimate, the originating server will try again after a delay and, if sufficient time has elapsed, the email will be accepted (moving from the Pending to the Verified queue – represented by the green fill).
  3. If the mail is from a spam sender that is sending to many thousands of email addresses, it will probably not be retried (timed-out entries are deleted from the Pending queue).
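The three steps above as a small state machine, written as an added example for this post and not taken from the greylisting tool running on the server. It assumes a sender is identified by the (client IP, envelope sender, recipient) triplet, a 5-minute minimum retry delay and a 4-hour Pending timeout; all addresses are constructed sample data.

```python
from dataclasses import dataclass, field

MIN_DELAY = 300          # assumed: seconds that must pass before a retry is accepted
PENDING_TTL = 4 * 3600   # assumed: seconds before an unretried Pending entry times out
TEMPFAIL = "451 4.7.1 Greylisted, try again later"

@dataclass
class Greylist:
    pending: dict = field(default_factory=dict)   # triplet -> time of first attempt
    verified: set = field(default_factory=set)    # triplets that retried correctly

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply for one delivery attempt at time `now` (seconds)."""
        key = (client_ip, mail_from.lower(), rcpt_to.lower())
        self.expire(now)
        if key in self.verified:                  # already recognized: accept
            return "250 OK"
        first_seen = self.pending.get(key)
        if first_seen is None:                    # step 1: unknown sender, defer
            self.pending[key] = now
            return TEMPFAIL
        if now - first_seen < MIN_DELAY:          # retried too quickly, defer again
            return TEMPFAIL
        del self.pending[key]                     # step 2: Pending -> Verified
        self.verified.add(key)
        return "250 OK"

    def expire(self, now):
        """Step 3: drop Pending entries that were never retried in time."""
        for key in [k for k, t in self.pending.items() if now - t > PENDING_TTL]:
            del self.pending[key]

def simulate():
    """Constructed traffic: one retrying mail server and one fire-and-forget sender."""
    gl = Greylist()
    legit = ("192.0.2.10", "alice@example.org", "bob@example.net")
    spam = ("198.51.100.7", "promo@example.com", "bob@example.net")
    replies = [
        gl.check(*legit, now=0),      # first attempt: deferred
        gl.check(*spam, now=5),       # first attempt: deferred, never retried
        gl.check(*legit, now=60),     # retry before MIN_DELAY: still deferred
        gl.check(*legit, now=900),    # retry after MIN_DELAY: accepted
        gl.check(*legit, now=1000),   # later mail from a verified triplet: accepted
    ]
    gl.expire(now=5 + PENDING_TTL + 1)  # the spam entry times out of Pending
    return replies, gl

if __name__ == "__main__":
    for reply in simulate()[0]:
        print(reply)
```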

In the above example, which uses real statistics, almost 1000 servers tried to communicate with that particular server in a timeframe of just 4 hours, each of them probably trying to send hundreds of SPAM messages, or more. Imagine how much SPAM was filtered out by just using a simple greylisting implementation. Good job, right?

Edit: The issue was resolved in 24 hours, as is visible from the following picture:

[Figure: Greylisting Resolved]
