Greylisting is an interface that allows you to configure a service. This service protects your server against unwanted email or spam. When enabled, the mail reject any email from a sender. Which the server does not recognize. If the email is authentic, the originating server tries to send it again after a delay. After enough time passes, the server accepts the email.
Greylisting recognizes incoming email by triplets. A triplet is a collection of three pieces of data. It contains the IP address, the sender’s address, and the recipient’s address. By deferring unknown triplets, Greylisting filters spam. It also allows legitimate email a second chance to pass through.
How to enable Greylisting
This interface displays an On/Off toggle option. First, click on toggle to change it to On, and then enable Greylisting.
How to use Greylisting
Following are the descriptions and values for the Configuration Settings section:
|Configuration setting||Default value||Maximum value||Description|
|Initial Deferral Period (in mins)||10||240 (4 hours)||Number of minutes during which Greylisting defers email from an unknown triplet. It begins when the server receives the first email from an unknown IP address.|
|Resend Acceptance Time (in mins)||240||1440 (1 day)||Number of times during which Greylisting accepts a resent email from an unknown triplet. It begins when the server receives the first email from an unknown IP address.|
|Record Expiration Period (in mins)||4320||43200 (30 days)||Number of times Greylisting deletes the triplet record before and treats a resent email as if it comes from a new and unknown triplet. It begins at the moment when the server receives the first email from an unknown IP address.|
|Bypass Greylisting for Hosts having Valid SPF Records||Yes||n/a||It is whether the system automatically accepts email from hosts with a valid sender policy framework or SPF. SPF allows mail exchangers to verify whether a received mail came from a host authorized by that domain’s administrators.
Note: On servers that run CentOS 7, you can usually see a named warning about the absence of SPF resource records on DNS.
Following are the illustrations of the timeline of incoming email and Greylisting’s response with the default settings:
|Attempts||First resend attempt||Greylisting’s response|
|One||n/a||● The Defer email back to sender.
● Add triplet to Greylisting database.
|Multiple||Within 10 minutes of initial email||Continue to defer email back to sender until the Initial Deferral Time expires.|
|Multiple||Over 10 minutes after initial email||● The Deliver email to recipient.
● Continue to deliver email from this triplet till the Record Expiration Time expires.
|Multiple||Over 240 minutes after initial email||Treat email as if a new, unknown triplet has sent it.|
This interface allows to configure a service that protects your server against unwanted spam. This interface identifies incoming emails by triplets. A triplet contains IP addresses, sender and recipient’s addresses. It permits an approved email another chance to pass through.