What Is a Gray List?
Greylisting is between blacklist and whitelist. It uses interpreted background programs and SMTP status tags to dynamically create blacklists and whitelists.
- Spam has become a growing problem. In order to win the war with spam, we use eighteen weapons. The blacklist, whitelist and graylist should be the most basic tools in this anti-spam war. This article will explain in detail Use them effectively.
- Just as postage costs continue to rise, the increasing complexity of e-mail is an inevitable trend. Before the spread of spam, the Internet was calm, mail systems based on Simple Email Transfer Protocol (SMTP) connections worked well, and mail filters were only used by specialized mail service providers. Today, however, mail filters are almost a necessity in many departments.
So what kind of filter should I choose? If your business receives an extremely large number of emails per day, most of the time, using blacklists and whitelists to filter spam is not very effective, and they can usually only solve their urgent needs. Subscribing to services like Postini can alleviate this problem from the perspective of receiving emails, but this only completes half of the anti-spam war.
Free blacklists of domain name servers (such as Spamhaus.org, Spamcop.net, etc.) have this service and provide an interactive service. Based on this service, through a simple DNS query, the receiving mail server can compare the IP address of the sending mail server with a list of known spam servers. If the IP address is on this list, the message will be rejected.
Many organizations also rely on white-lists. This is a simple list of domains, IP addresses, and SMTP forwarded IP addresses that can accept mail from them. In most networks, this is a list of domains of a company's close partner and supplementary IP addresses, or domains that would actually be captured by spam filters but should actually be valid.
Another type of list-based protection is greylist. Greylisting is between blacklist and whitelist. It uses interpreted background programs and SMTP status tags to dynamically create blacklists and whitelists.
All three methods have their place in the modern enterprise anti-spam war, but must be carefully planned, especially when using blacklists, to avoid harming innocent people. [1]
- Graylist (also spelled greylist) is an advertisement letter filter formed by multiple email addresses or domain names to identify suspicious advertisement letters. When a message from an address or domain in the list is received, it will be quarantined, and it can be delivered to the graylist user only if the sender sends it again within a certain time. Once the sender is deemed legitimate, its address is removed from the list, and future messages sent by that address pass directly through the filter without being blocked.
- The biggest advantage of Graylist is that it eliminates most spam mails that try to distribute advertisements by email. It does not require end users to have special configurations, and does not cause additional burden on end users' computer resources.
- However, unless the sender sends the first message twice from the same email address within a predetermined time, the filter will block the letter. Graylist can also cause annoying delays in initial receipt.
- The term Graylist comes from its mode of working between black and white lists. Blacklists consist of email addresses and domain names of known spam sources. After filtering, you can never send or receive mail with the addresses and domain names on the list. The white list is just the opposite. It consists of email addresses and domain names that the email filter allows to be accepted.
How greylisting works
- This code is usually issued when the request received by the mail server is too long to process. Greylisting is based on the fact that most spam servers and botnets send emails only once, and ignore requests that require them to be sent again after a certain interval. Because for them, resending each email will greatly reduce their total business volume.
- All messages initially rejected by the mail server and requested to "resend later" go to the greylist filter. If the remote server sends this message again in about 10 minutes, it will be passed without any problems, and the mail that matches the header of this message will pass through in the future.
Recent greylist developments
- Recently, greylists have become more popular. This method can greatly reduce the amount of spam, but it also delays the receipt of mail because it requires the server to send the mail again. However, this delay is necessary to distinguish whether it is spam.
- Nevertheless, greylists plus one or more DNS blacklists, plus spam and virus filters can provide us with a relatively clean email system. Today, they have become an SMTP server necessary to prevent spam and viruses Fewer standard methods. Although the chances of missing messages still exist, they are not fatal.