Greylisting Is Still Awesome Spam Blocking

2007-11-25 11:54 - Tech

I posted a while back about setting up greylisting on my email server. It's great. I ran into a little configuration snafu which I just recently fixed, but it prompted me to look into some stats.

After fixing it last night, or in the past 14 hours, my greylisting setup has blocked 2724 messages, and passed 42. It's safe to say that the blocked messages were spam. If they were real, they'd have been sent by a real email server, that would have followed the RFC and retried later.

Of the 42 that got through, 34 were indeed spam. They all happened to be sent to non-existant addresses (why do spammers like to guess totally random to addresses? sigh) so none actually got through. But, this means that this super easy, super simple, super efficient blocking method gets only a 1.25% false-negative rate. This means that 98.75% of the real spam is blocked, quickly and cheaply. The 1.25% makes it through the more expensive filters. In this case, they were all simply bounces.

It also means that a quick back-of-the-envelope calculation shows that, in my little neck of the woods, the internet carries 99.997% spam, and only 0.003% ham email. Saddening.


No comments!

Post a comment:

  If you do not have an account to log in to yet, register your own account. You will not enter any personal info and need not supply an email address.

You may use Markdown syntax in the comment, but no HTML. Hints:

If you are attempting to contact me, ask me a question, etc, please send me a message through the contact form rather than posting a comment here. Thank you. (If you post a comment anyway when it should be a message to me, I'll probably just delete your comment. I don't like clutter.)