Wifi Password Recovery - UTM - Vulnerability Scanning


VIP LOUNGE
CLOUD LOGIN
Sun Sun Sun

You are here: Encyclopedia > What is Grey Listing?

 What is Grey Listing?

Grey listing is a new method of blocking significant amounts of spam at the mail server level, but without resorting to heavyweight statistical analysis or other heuristical (and error-prone) approaches. Consequently, implementations are fairly lightweight, and may even decrease network traffic and processor load on your mail server.

 
The term grey listing is meant to describe a general method of blocking spam based on the behavior of the sending server, rather than the content of the messages. Grey listing does not refer to any particular implementation of these methods. Consequently, there is no single grey listing product. Instead, there are many products that incorporate some or all of the methods described here.
 
The SecPoint® Protector (http://www.secpoint.com/secpoint-protector.html) comes fully loaded with the grey listing functionality that provides the customers with the best anti-spam solution.
 
 
Grey listing has been designed from the start to satisfy certain criteria:
 
  • Have minimal impact on users
 
  • Limit spammers' ability to circumvent the blocking
 
  • Require minimal maintenance at both the user and administrator level
 
While somewhat effective, user-level spam blocking has a few key drawbacks that make its use in the continuing spam war undesirable. A few of these are:
 
  • It provides no notice to the senders of legitimate email that is falsely identified as spam.
 
  • It places most of the costs of processing the spam on the receivers' side rather than the spammers' side.
 
  • It provides no real disincentive to spammers to stop wasting our time and resources.
 
As a result, grey listing is designed to be implemented at the MTA level, where we can cause the spammers the most amount of grief.
 
High Level Overview
 
Grey listing got its name because it is kind of a cross between black- and white-listing, with mostly automatic maintenance. A key element of the grey listing method is its automatic maintenance.
 
The grey listing method is very simple. It only looks at three pieces of information (which we will refer to as a "triplet" from now on) about any particular mail delivery attempt:
 
  • The IP address of the host attempting the delivery
 
  • The envelope sender address
 
  • The envelope recipient address
 
From this, we now have a unique triplet for identifying a mail "relationship". With this data, we simply follow a basic rule, which is, "If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure."
 
Since SMTP is considered an unreliable transport, the possibility of temporary failures is built into the core spec. As such, any well behaved message transfer agent (MTA) should attempt retries if given an appropriate temporary failure code for a delivery attempt (see below for discussion of issues concerning non-conforming MTA's).
 
During the initial testing of grey listing in mid-2003, it was observed that the vast majority of spam appears to be sent from applications designed specifically for spamming. These applications appear to adopt the "fire-and-forget" methodology. That is, they attempt to send the spam to one or several MX hosts for a domain, but then never attempt a true retry as a real MTA would.
 
The aforementioned tests confirmed that in the test environment, based on a fairly conservative interpretation of testing data, an effectiveness of over 95% was attained, and that is with no legitimate mail ever being permanently blocked.
 
In addition, with the recent rampant proliferation of email-based viruses, grey listing has been shown to be extremely effective in blocking such malware, as they also do not tend to retry deliveries. And since they tend to be fairly large, bandwidth and processing savings are significant compared to the standard method of accepting delivery and local virus scanning.
 
This blocking comes with a minimal price from the terms of local resources. Assuming the use of a local datastore for the triplet and other metadata, there is no required network traffic caused by grey listing other than that associated with the connection itself. Since users tend to not check the contents of the message at all when using grey listing services, there is very little processing overhead, unlike many other spam-blocking methods.
 
The best part is that since grey listing never permanently fails a message delivery, as long as the delivering MTA's are well behaved, the spam-blocking method should never cause a legitimate mail to bounce. There should never be a false positive!
 
 

Read more about our services and products here: About SecPoint, IT Security Products, and IT Security Jobs.

WPA Password Recovery                                   Web Vulnerability Scanner                                 Protector UTM Firewall

 


Reviews of SecPoint.com
 
 
 
 
 

Awards & Reviews
  

  

Related pages
Aircrack
All Modules Included at 1 Price
Anti-Spam Firewall
Anti-Spam Software
Anti-Virus
Appliance VS Software
Application Security
BackTrack
Black box
Blind SQL Injection
Blue box
CIDR Network Information
Cloud Security
Control both Incoming and Outgoing Scanning
Crack Wifi Passwords
Cross-site Request Forgery
Full Mail Archiver
Global System for Mobile GSM communication
Hacker
Hacking wifi password
Hacking Wifi Passwords
Hyper V Virtual UTM Appliance
Internet Filter
Logic Attack
Logic Bomb
Malware
Man-in-the-middle Attack
PCI-DSS Compliance
RC Release Candidate Software Firmware
Red box
Server Spam Filter
Shoulder Surfing
Time Based Web Filter
UTM Appliance Anti-Virus
UTM Appliance WiFi Security
VPN Firewall
Wardriving
WEP Crack
WEP Key
WEP WPA2 Crack
What are the attacks on the Macros and ActiveX?
What is 2600?
What is a 2.4 GHz Wi-Fi?
What is a Black Hat?
What is a Botnet?
What is a Cookie?
What is a Cracker?
What is a Grey Hat?
What is a Man in the Middle Attack?
What is a Null Session?
What is a Password Replay Attack?
What is a password?
What is a Routing Table?
What is a Script Kiddie?
What is a Spanning Tree Protocol Attack?
What is a vulnerability scanning appliance?
What is a web application firewall?
What is a White Hat?
What is an Elite Hacker?
What is an open mail relay
What is Blacklisting?
What is CISSP?
What is ComboFix?
What is Cross Site Scripting(XSS)?
What is Cyberwarfare?
What is Data Leak Prevention?
What is Denial-of Service Attack?
What is Diffie-Hellman Encryption?
What is Dumpster Diving?
What is Encryption?
What is FTP?
What is Grey Listing?
What is Greylisting?
What is GSM Encryption?
What is High Availability?
What is Instant Messaging?
What is ISSAP?
What is ISSMP?
What is Linux?
What is MD5 Encryption?
What is Novell NetWare?
What is P2P?
What is Penetration Test?
What is Phrack?
What is Port Knocking?
What is RC4 Encryption?
What is SANS Top 20?
What is search engine hacking?
What is SFTP?
What is SHA Encryption?
What is Social Engineering?
What is SOCKS5?
What is SOCKS?
What is Spyware?
What is SQL Injection?
What is SSL?
What is TCP?
What is Telnet?
What is the 5.8 GHz Wi-Fi?
What is the mail service attack on Microsoft Exchange Server?
What is Tunneling Protocol?
What is UDP?
What is UTM?
What is Virus?
What is vlan tagging?
What is VoIP?
What is War Dialing?
What is Whitelisting?
What is Wi-fi?
What is Wimax?
What is Zero Day?
wi-fi password cracker
WiFi Audit
Wifi auditor the Portable Penetrator
WiFi Client Cracking
WiFi Client Hacking
WiFi Crack
WiFi Cracking
Wifi Decoder
Wifi Defender
WiFi Hack
WiFi Pen Test
WiFi Pen Test Appliance
Windows Operating System - Password Attacks
Wireless Encryption Standards
WPA hacking software
WPA Key
WPA2 Encryption

Subscribe to our Mailing List

Customer References


About
About
SecPoint
History
Mission Statement
Vision
Management
Investment
Bank
Sponsorship
Certificates
Environment
Environment
What is RoHS Weee?
Accounting
Values
Member of Organisations
Merchandise
SecPoint Certification
Design
Status Information
Hardware Vendors
Jobs
Environment
SecPoint on social media
Twitter Facebook Youtube
Products
Products
Protector
Cloud Protector
Penetrator
Portable Penetrator
Cloud Penetrator
Free IT Security Tools
Pricing
SecPoint Brochures
SecPoint Questions FAQ
SecPoint Datasheets
SecPoint SPID Library


Partners
Partners
Become a SecPoint Affiliate
Become a SecPoint Partner
SecPoint Franchising
SecPoint Partner Lounge
News
News
Press
Product Awards
SecPoint RSS Feeds


Contact
Contact
General Contact
IT Security Products Webshop
Latest SecPoint Software Images Change Log
SecPoint FAQ Frequently Asked Questions
SecPoint on Twitter
SecPoint Sales Training Videos
SecPoint Shipping Cost
SecPoint World Wide Shipping
Support
Solutions
Anti-Spam Appliance
UTM Appliance
Penetration Testing
Proxy Appliance
SAAS
Spam Filters
Vulnerability Assessment
Vulnerability Scanner
Vulnerability Scanning
Vulnerability Scanning Appliance
Web Content Filter
Web Filter Appliance
WiFi Hacking
How essential is vulnerability
management?
What is ...?

Encyclopedia | Free Scan Statement | Link Policy | Privacy Statement | Resources | Sitemap | User Policy
© Copyright 1999-2012: SecPoint®
SecPoint ApS Noerregade 7B - 1165 Copenhagen K - Denmark
US Toll free: +1-888-704-7297 - EU: +45-70-235-245