[From_old_site] Greycasting: a distributed heavy duty greylisting implementation or Nothing beats /bin/rm for pruning a database

At work, I maintain a mail filter serving a 5 digit number of users. Naturally, this attracts a lot of spam. To reduce the impact, greylisting is used.
A few simplifications have been made: only the domain of the email sender is recorded. This is to cope with systems that change the envelope sender for each retransmission. Likewise, only the /24 IP address prefix is recorded (in order to be friendly to GMail/HotMail users).Historically, there’s been huge activity peaks with bursts of up to 20 million emails a day (1 minute samples). This is over 200 mails/sec and was not healthy to the performance of the cluster — due to overload, legitimate mail were tempfailed leading to long delays in email delivery.To avoid any single point of failure it is desirable avoid the use of a central greylisting database so a distributed technology is needed. Continue reading