Get Less Spam with Greylisting

Less Spam with GreylistingUpdate: We have disabled Greylisting accross the board since it was confusing too many users. We will re-enable whenever cPanel offers to enable this and default to “disabled”.

If you use our advanced email service for your domains and have a package that includes email hosting, your account will have been upgraded to add greylisting service.

Greylisting is a great weapon in the ongoing war against spammers. Greylisting is quite simple in it’s implementation and takes advantage of how most spammers set up their servers to send out spam.

Most people recognize spam pretty easily, and usually will simply delete any spam they receive.  Spam email will also occasionally get reported to the hosting provider, in the hope that they will shut down the spammer.  Unfortunately, there are providers in certain areas that allow this kind of abuse to go in.  You should note greylisting is available for our advanced hosting plans, and is not for the free email aliases.register4less

How it Works

In order for a spam campaign to be successful, spammers need to send a very large volume of spam in order to get enough response/business from their mailings.  Spam servers are usually setup a little differently than legitimate servers to optimize the volume of email that can be sent.  One of the settings that is usually disabled on the spam server is to track and resend mailto track and resend email when it is returned with a temporarily unavailable error.

When our servers receive email, we record three data items (called “triplet”) for each incoming mail:

  • The IP address of the connecting server
  • The envelope sender address
  • The envelope address of the recipient.

This data is recorded in an internal database, along with the timestamp of the original mail.  The server will then send a message back to the originating server with a message that there was temporary error, and request that the sending server try again in a little while.  Temporary errors are a part of the SMTP protocol, and these do happen outside of greylisting.  This temporary rejection is only done for email that does not match an existing “triplet” entry in our database.  For senders that are already know, their email will flow through as normal.

Advantages of Greylisting

The advantage to you of having greylisting enabled on your account(s) is there is no configuration for you to setup, you simply turn the service on or off.  How your contacts send you mail does not change, nor do you have to do anything different to get their email.

Disadvantages of Greylisting

The most noticeable difference with greylisting is there will be a slight delay for email coming from unknown sources to your account to get to you.  Usually this delay is only about 15 minutes, but if this person from the unknown address is trying to get email to you urgently, that cannot happen.  This delay can happen for example if you are trying to get a password reset email from a provider you have not had mail from for example.  If this is an issue for you, you can disable greylisting temporarily.

On a technical level, some misbehaving SMTP servers may interpret the temporary rejection as a permanent failure.  This happens only very rarely.  If however you do have a new contact that cannot get email to you, you should ask them to check with the email provider, as their server is not configured correctly.  You can turn of greylisting until they get this corrected.

Enabling and Disabling Greylisting

By default, greylisting has been enabled in our system.  To turn this on or off, do the following:

  • Log into to manage your domain
  • Go to Paid Hosting > Manage Advanced Hosting
  • In the Email section of the cPanel, click the Configure Greylisting icon
  • Toggle the service on or off.

Tags: , , ,

Comments are closed.