DNS greylisting to lessen the amount of incoming spam.

Mar 17, 2016

Greylisting is a technique for slowing down the oncoming torrent of spam on the Net today by breaking spamware that isn't compliant with the SMTP RFCs. It consists of a simple alteration to your DNS zonefiles that places an IP address that doesn't have anything listening on port 25/TCP in the position of your primary MX, and the addresses of your real MX's in positions of lower priority in you DNS zone. Spamware that isn't compliant looks at your DNS records for the IP address of the primary MX, tries to contact it, fails, and gives up, or at least that's the theory behind it. Legitimate SMTP servers trying to transmit e-mail, upon detecting the first failure to connect, will move down the list to the next most highly ranked MX in your domain's zonefiles, and so on until it's out of servers to try. I plan on trying it soon on the Network to se if it's worth anything; if it works it'll buy us some more time before we have to build a new mail server.