An option to greylist non-secure SMTP connections over port 25
Idea shared by Steve Norton - February 20 at 12:32 PM
In my analysis of the past 2 weeks I can see that 99+% of Spam does not use STARTTLS; they can't get through the volume they need to if they were to implement extra commands and take a hit on the computational cost of encryption.
I also see that 97+% of legitimate email uses STARTTLS which every good administrator would configure their server to do.
If Smartermail could respond with a greylisting message if it does not receive "cmd: STARTTLS" after

"rsp: Hello []
250-SIZE 31457280
250-AUTH CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK"

wouldn't this reduce the number of unknown good senders that get greylisted?
Would that be easy to code?

2 Replies

Matt Petty Replied
Employee Post
Could potentially work; greylisting can already be set up to greylist based on a certain SMTP weight threshold. Adding some additional logic to check if the weight is above a certain value OR the session was not secure could add the desired functionality. A setting would need to be added somewhere to control this behavior as well.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278

It would cover all the domains that the default greylist filters achieve and millions more legitimate senders like me, you and all of your customers. It allows for new IP ranges to be added by the likes of G/Hotmail without the need to adjust the greylist filters as today's default configuration would require. It's then up to the Spammers to work this out and start encrypting mail but I'd expect us all to be ahead of them for a few years at least.
Another thought that would sit in the same piece of code would be to add a delay (30 - 45 seconds for example) if the STARTTLS command was not submitted (with or without greylisting), Spammers would have moved on at that stage but legitimate/unencrypted email would wait for a response.
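The three ideas in this thread, as one added example that is not SmarterMail code and not something the thread says was implemented: the original post's rule that an unknown sender which never issues STARTTLS after the EHLO reply gets a greylisting temp-fail while a sender that encrypts is let straight in, the employee reply's framing of it as "weight over the threshold OR session not secure" behind a setting, and the follow-up suggestion of a delay before answering a plaintext session. The setting names, the in-memory greylist store keyed on the usual (client IP, MAIL FROM, RCPT TO) triplet, the reply texts and the sample sessions are all assumptions constructed for this example.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, List, Set, Tuple

# Hypothetical settings (names invented for this example); a real server would read them from its config.
GREYLIST_WEIGHT_THRESHOLD = 30   # existing weight-based greylist trigger
GREYLIST_IF_NOT_SECURE = True    # the switch proposed in the thread
INSECURE_DELAY_SECONDS = 30      # tarpit for plaintext sessions, 0 disables it

# Capabilities advertised to the client, modelled on the EHLO reply quoted in the thread.
EHLO_RESPONSE = "\r\n".join([
    "250-Hello []",
    "250-SIZE 31457280",
    "250-AUTH CRAM-MD5",
    "250-STARTTLS",
    "250-8BITMIME",
    "250 OK",
])

@dataclass
class Server:
    """Server-wide state: the greylist store of (client IP, MAIL FROM, RCPT TO)
    triplets survives across sessions (in-memory here, a database in real life)."""
    seen: Set[Tuple[str, str, str]] = field(default_factory=set)

@dataclass
class Session:
    """Per-connection state the command handler tracks."""
    client_ip: str
    spam_weight: int = 0        # whatever the existing weighting assigned
    tls_active: bool = False
    ehlo_done: bool = False
    mail_from: str = ""
    pending_delay: int = 0      # seconds to tarpit before the next reply goes out
    delayed_seconds: int = 0    # total tarpit time applied, for inspection

def _address(arg: str) -> str:
    """'FROM:<Bulk@Example.net>' -> 'bulk@example.net' (lower-cased for keying)."""
    return arg.partition(":")[2].strip().strip("<>").lower()

def should_greylist(session: Session) -> bool:
    """Combined rule: weight over the threshold OR (switch on and) no TLS."""
    if session.spam_weight >= GREYLIST_WEIGHT_THRESHOLD:
        return True
    return GREYLIST_IF_NOT_SECURE and not session.tls_active

def handle(server: Server, session: Session, line: str) -> str:
    """Return the reply to one client command, updating session state."""
    verb, _, arg = line.strip().partition(" ")
    verb = verb.upper()
    if verb == "EHLO":
        session.ehlo_done = True
        return EHLO_RESPONSE
    if not session.ehlo_done:
        return "503 5.5.1 Send EHLO first"
    if verb == "STARTTLS":
        session.tls_active = True
        session.ehlo_done = False   # RFC 3207: the client must EHLO again over TLS
        return "220 2.0.0 Ready to start TLS"
    if verb == "MAIL":
        session.mail_from = _address(arg)
        return "250 2.1.0 OK"
    if verb == "RCPT":
        if not session.mail_from:
            return "503 5.5.1 Send MAIL first"
        triplet = (session.client_ip, session.mail_from, _address(arg))
        # Only now is it certain the client skipped STARTTLS, and only now does the
        # greylist triplet exist, so this is where the decision is made.
        if triplet not in server.seen and should_greylist(session):
            server.seen.add(triplet)   # a later retry of this triplet will pass
            if not session.tls_active:
                session.pending_delay = INSECURE_DELAY_SECONDS
            return "451 4.7.1 Greylisted, please try again later"
        server.seen.add(triplet)
        return "250 2.1.5 OK"
    return "500 5.5.2 Command not recognised"

def run_session(server: Server, client_ip: str, commands: List[str], spam_weight: int = 0,
                sleep: Callable[[float], None] = time.sleep) -> Tuple[Session, List[str]]:
    """Feed a scripted client through the handler; returns the session and all replies."""
    session = Session(client_ip=client_ip, spam_weight=spam_weight)
    replies = []
    for line in commands:
        reply = handle(server, session, line)
        if session.pending_delay:          # tarpit before the reply is sent
            sleep(session.pending_delay)
            session.delayed_seconds += session.pending_delay
            session.pending_delay = 0
        replies.append(reply)
    return session, replies

if __name__ == "__main__":
    # Constructed sample sessions; sleep is stubbed so the demo does not really wait.
    server = Server()
    plain = ["EHLO mta.example.net", "MAIL FROM:<bulk@example.net>", "RCPT TO:<user@example.com>"]
    tls = ["EHLO mta.example.net", "STARTTLS", "EHLO mta.example.net",
           "MAIL FROM:<alice@example.net>", "RCPT TO:<user@example.com>"]
    for name, script in [("plaintext", plain), ("plaintext retry", plain), ("STARTTLS", tls)]:
        session, replies = run_session(server, "203.0.113.5", script, sleep=lambda _: None)
        print(f"{name}: RCPT reply {replies[-1]!r}, delayed {session.delayed_seconds}s")
```

Two practical points the sketch makes visible: the server cannot act at the moment it sends the EHLO reply, because it only learns that the client chose plaintext from the next command, and the greylist triplet only exists once RCPT TO arrives, so that is where the check lands. A deployment would also have to exempt authenticated submission and enforce the usual minimum retry interval before a seen triplet is accepted, both of which are left out here.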
