SMTP greylisting/trapping

Greylisting

Greylisting is the process of rejecting mail deliveries from unknown senders, forcing them to do additional delivery attempts. Real mailservers go for an actual retry - most spammers do not. Of course, spammers will adapt to this, but this delay is usually enough for other methods to catch the spammer, blocking them permanently.

miracle automatically whitelists any mail host to which it delivers mail (outbound connections to remote port 25, actually. To whitelist a single host, just telnet to it's mailserver). Permanently whitelisted hosts are listed in /etc/whitelist.txt; IP addresses of any additional legit mail sources may be delivered via email to the chief but mostly this should not be needed. Gmail is currently the only exception, and that's why they're listed.

A complete list of whitelisted and greylisted hosts is stored in the bdb database /var/db/spamd, which may be accessed read-only via spamdb(1):

$ spamdb |grep WHITE
WHITE|83.221.139.201|||1144932538|1144934045|1148291113|2|2
WHITE|83.90.227.58|||1145151874|1145154730|1148268708|4|32
WHITE|83.90.248.115|||1145151832|1145151832|1148267631|1|39
[..]
$ spamdb |grep 83.90.248.115
WHITE|83.90.248.115|||1145151832|1145151832|1148267631|1|39

Greytrapping

Greytrapping is the process of placing disposable email addresses on websites in the hopes that spammers capture the address for their lists. When a mail delivery for such an address is detected, the source IP is immediately blocked thereby protecting other users from being spammed.

Several non-existing email address in the mongers.org domain have already been captured by spammers, and these have now been added as feel free to use the following dummy email addresses (exactly as they appear here) on your websites so that spammers may harvest them.

Please use CSS to hide the mail adresses from humans or post a warning similar to this one: "WARNING: Sending mail to these mail adresses will cause your mailserver to be blocked from ever sending mail to this system again."

If you have your MX records hosted here, feel free to contact the chief to create UCE traps for your domain as well.