Configuring greylisting

To fight spam more efficiently, Kerio Connect supports greylisting.

Greylisting is an antispam method that complements other antispam methods and mechanisms in Kerio Connect.

How greylisting works

With greylisting enabled, the following happens when Kerio Connect receives a message:

  1. Kerio Connect contacts the greylisting server and provides information about the message. The greylisting server includes a list of trustworthy IP addresses.
  2. If the list contains the message sender's IP address, the message passes the greylisting check immediately.
  3. If the list does not contain the sender's IP address, the greylisting server delays the delivery. Trustworthy mailservers try to redeliver messages later. Spam senders usually do not.
  4. Once the message is received again, the Kerio Greylisting Service adds the sender's IP address to the whitelist. All future messages from this sender will pass the greylisting check immediately (see step 2).

NOTE

To learn more about greylisting, consult greylisting.org.

What data is sent to Kerio Technologies

If the greylisting is enabled, the Kerio Technologies greylisting server receives the following information:

  • One-way hash (MD5) of the sender's envelope email address and recipient's envelope email addresses
  • IP address of the host delivering the message

The data is periodically deleted from the greylisting server.

If greylisting is disabled, no data is sent to Kerio Technologies.

NOTE

Kerio Technologies uses the received data solely for the greylisting feature.

To see the data sent by Kerio Greylisting Service, enable Greylisting in the Debug log.

Configuring greylisting

Kerio Greylisting Service in Kerio Connect is hosted by Kerio Technologies.

It is available to:

  • Registered trial users
  • Licensed users with valid Software Maintenance

Greylisting is disabled by default. To enable it:

  1. In the administration interface, go to Configuration > Content filter > Spam Filter > Greylisting.
  2. Select the Check incoming messages by Kerio Greylisting Service option.

NOTE

Make sure your firewall allows outgoing connection on port 8045.

  1. (Optional) Create a list of IP addresses to skip in the greylisting check.
  2. Click Test Connection to check the connection with Kerio Greylisting Service.

NOTE

The connection is established every time Kerio Connect server is restarted.

  1. Click Apply.

 

Greylisting

Troubleshooting

If the connection between your Kerio Connect server and Kerio Greylisting Service fails, make sure your firewall allows outgoing connections on port 8045.

Users may experience a delay in delivery. This happens when the message with the particular parameters is received, as described in section What data is sent to Kerio Technologies. The greylisting server delays the delivery. This problem is solved once another message is received.

Messages can also be delivered in a different order than they were sent, due to the greylisting server. This problem is solved once another message with the same parameters is received.

If you want to see what data are sent to Kerio Technologies, enable Greylisting in the Debug log.

If Kerio Connect cannot contact the greylisting server, all incoming messages are delivered immediately. Kerio Connect will try to contact the greylisting server again.

If you acquire a new license or renew your license, it may take several minutes before the Kerio Greylisting Service recognizes it. You may get warning messages in the meantime. Message delivery is not affected.

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

Configuring spam control in Kerio Connect

Antispam methods and tests in Kerio Connect To detect and eliminate spam, Kerio Connect uses...

Kerio Anti-spam filter

NOTE Changed in Kerio Connect 9.2.0! The Kerio Anti-spam extension uses the Bitdefender...

Blocking messages from certain servers

Automatically blocking or allowing messages from certain servers In Kerio Connect you can...

Creating custom rules for spam control in Kerio Connect

In Kerio Connect, you can create your own antispam rules. The rules filter email headers or email...

Configuring Caller ID and SPF in Kerio Connect

Caller ID and SPF (Sender Policy Framework) allow you to filter out messages with fake sender...