One year of greylisting: A success story!

Posted on: Wed, 15 Dec 2010 00:15 By: patrick

In September 2009 I started to use greylisting after the spam rate on my main email address had reached an unbelievable 1200 messages per day. Here's the article that describes the event, the reasons why I avoided greylisting for a long time, and why I finally had to give up my resistance.

It is now 15 months later, and I just added an entry to my spam statistics page which makes me a very happy email user! The spam deluge has been reduced to a trickle of merely 36 messages per day, of which almost 95% are correctly recognized as spam by SpamAssassin. If ever there was a success story, greylisting at herzbube.ch is it!

After the break there is a little timeline that might be interesting to read. It is essentially a summary from the statistics page linked above.

  • September 6 2009: 1200 messages per day. Implementing greylisting!
  • September 7 2009: 24 hours later the spam rate has dropped to 120 messages per day - 90% less than one day before!
  • October 30 2009: After almost 2 months of continuously running greylisting, the rate has dropped another notch, it is now at 99 messages per day. Almost 90% of these were delivered via my provider's backup MX which unfortunately does not implement greylisting. I resolve to temporarily remove the backup MX entry from my DNS configuration.
  • December 18 2009: After another 7 weeks of running entirely on a diet of greylisting (i.e. the backup MX was turned off all the time), I now receive 20 spam messages per day. Taking out the backup MX made the spam rate go down by another hefty 80%. If compared with the ratio of the pre-greylisting era the improvement is now over 98%!!! Interestingly, the effectiveness of greylisting has lowered SpamAssassin's recognition rate: Without greylisting SA correctly classified 95% of all messages as spam, with greylisting this rate has dropped to 70%. It appears that spammers who are capable of circumventing greylisting are also better at crafting "quality" spam that can fool SpamAssassin.
  • March 10 2010: In the almost 3 months since the last count, SA's recognition rate has gone up to 85%. The spam rate has also increased to 30 messages per day.
  • December 14 2010: After another 9 months, SA's recognition rate has further improved and is now at 95% - the same percentage I had before greylisting. Besides the long sampling period (and therefore better averaging), another reason for this improvement may be the thorough training SA's bayesian filter has received in the meantime. Unfortunately, the spam rate has, again, increased and is now at 36 messages per day.

It will be interesting to see how the overall spam rate develops in the coming years while greylisting is in place. Since December last year an increase can already be made out, first from 20 to 30, then to 36 messages per day.

It is anyone's guess how much spam I would get today if I were to turn off greylisting - 2000 messages per day seems quite a reasonable number to me. I try not to think about what would happen if spammers ever started to program clever bots that are capable of circumventing greylisting...

Topics

Add new comment

The content of this field is kept private and will not be shown publicly.

Filtered HTML

  • Allowed HTML tags: <h1> <pre> <br> <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type='1 A I'> <li> <dl> <dt> <dd> <h2 id='jump-*'> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.