Spam is the ban of any system administrators life and many people have taken it for granted that they must simply live with a certain level of spam in their day-to-day lives. However this does not have to be the case. A combined spam filtering approach is what is needed to end the spam problem. We find that a combination of blacklists and greylisting is the magic bullet that kills spam dead.
What is graylistng
In essence graylisting asks any email server, that it trying to send it email from an address that is has not received from before, to back off and send the email again in 5 minutes. The actual amount of time to back off for can be configured but it is also up to the sending machine to decide how long it will wait before resending. Next time the email is sent the greylist will recognise the email address and allow email to flow throught he system. This will kill about 99% of all spam. Most spam originates from zombied machines which the spammers have infected with a mailing programme. In most cases this malware adopts a fire and forget approach to spamming. i.e it will send out the email and forget about it. So when it is asked to resend it ignores the command and goes on to the next email address. Over time your mail server will build up a whiltelist of mail address that it will allow to pass throught the system without being delayed. The most well know piece of greylisting software is postgrey for postfix while sendmail has several implementations
Subscribe to blacklists
For the remaining spam blacklisting, aslo known as realtime blackhole lists, can be used. Your mail server should be configure to subscribe to several of the popular dns blacklist sites which will confirm a senders address as a well known spammers address. This work because if the mailserver does resend the email it is likely to be a misconfiugred email server with a fix ip which is easy to identify as a constant source of spam. Examples of these lists are spamhaus
Create your own blacklist
In some cases some marketing email may still get through. This is the gray area of spamming as marketers will argue that sending out newsletters and adverts for services is legitimate. There are many online marketing firms that sell lists of email addresses as a service to their customers and are not classified as spammers. To beat these people simple create your own black list and add the offending senders email address or mail server to your blacklist.
