Spam Hammer is a method of defending e-mail users against spam by “temporarily rejecting” any email from a sender it does not recognize. If the mail is legitimate, the originating server will, after a delay, try again and if sufficient time has elapsed, the email will be accepted.

If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and typically cannot afford the time delay to retry.

What are some spamming sources?

  • These are often virus infected home PCs.
  • Occasionally they are infected web servers (including scripts on some servers).
  • In many cases, they are a dedicated spam server with too many addresses to bother retrying. Many do retry after a few seconds (thus the +11 second requirement) when deferred.

I tried it out for a week, it is highly effective anti-spam technique. It is also called greylisting (check wikipedia)

 

Why it works

Greylisting is effective because many mass email tools used by spammers will not bother to retry a failed delivery, so the spam is never delivered. A spam sender may retry with a different sender, and possibly a different message, because it has a queue of victims rather than the proper queue of messages that regular mail servers maintain.

In addition, if a spammer does retry a delivery after the waiting period has expired, any one of a number of automated spamtraps will have had a good chance of identifying the spam source and listing both the source and the particular message in their databases. Thus, these subsequent attempts are more likely to be detected as spam by other mechanisms than they were before the greylisting delay.

Disadvantages

The biggest disadvantage of greylisting is that it destroys the near-instantaneous nature of email that users have come to expect. Mail from unrecognised senders is delayed by typically about 15 minutes, and up to four hours. A customer of a greylisting ISP can not always rely on getting every email in a pre-determined amount of time.