2007-11-25 11:54 - Tech
I posted a while back about setting up greylisting on my email server. It's great. I ran into a little configuration snafu which I just recently fixed, but it prompted me to look into some stats.
After fixing it last night, or in the past 14 hours, my greylisting setup has blocked 2724 messages, and passed 42. It's safe to say that the blocked messages were spam. If they were real, they'd have been sent by a real email server, that would have followed the RFC and retried later.
Of the 42 that got through, 34 were indeed spam. They all happened to be sent to non-existant addresses (why do spammers like to guess totally random to addresses? sigh) so none actually got through. But, this means that this super easy, super simple, super efficient blocking method gets only a 1.25% false-negative rate. This means that 98.75% of the real spam is blocked, quickly and cheaply. The 1.25% makes it through the more expensive filters. In this case, they were all simply bounces.
It also means that a quick back-of-the-envelope calculation shows that, in my little neck of the woods, the internet carries 99.997% spam, and only 0.003% ham email. Saddening.