At 15:30 yesterday afternoon we started employing an anti-SPAM technique known as greylisting on the University's incoming mail exchangers.

What greylisting does is change the behaviour of the mail server so that when we receive e-mail from someone we don't know, we temporarily refuse to accept it for five minutes. The idea behind this is that any standards-compliant mail transport agent will automatically re-try the delivery some time later, where as majority of spammers doen't check the response codes correctly. It has proven to be reasonably effective at other sites and, given the increasing number of false-negatives coming through our baysian filters, it is worth a try here.

One of the possible side effects of greylisting is that some mail servers don't correctly implement the SMTP RFC in that when mail is temporarily deferred, they'll fail the message without re-trying. Whilst this isn't standards-compliant behaviour (and thus technically it's the remote site's fault, and accordingly their problem to fix), it is possible for us to whitelist these hosts when we become aware of them. We've already whitelisted some of the more popular sites that are known to have problems.

Greylisting also means that e-mail from new senders will be slightly delayed (perhaps up to an hour or so). Whilst this is perfectly in line with the aims of the transport protocol (SMTP), many users have come to expect instant response. In other words, it may fail to meet some users' flawed expectations.

You can find more information on greylisting at greylisting.org.

Mail to postmaster@ and systems@ is not affected by greylisting and will be delivered regardless. The latter address can be used to report problems with the greylisting service.