Email ???
Ed Greshko
Ed.Greshko at greshko.com
Tue May 1 14:42:04 UTC 2007
James Wilkinson wrote:
>> You are incorrect on several counts.
>>
>> 1. The time to delay is configurable in a good greylist milter. Mine is
>> set to 15 minutes since this is pretty much the default retry interval of
>> most MTAs.
>
> Really? The standard says
> The sender MUST delay retrying a particular destination after one
> attempt has failed. In general, the retry interval SHOULD be at
> least 30 minutes;
> (RFC 2821 section 4.5.4.1)
>
> Calling half an hour "a while" seems reasonable to me...
>
> I'd argue that your first sentence is misleading, too -- the delay is a
> result of the configuration of both sending and receiving MTAs.
Whatever.... It is certainly not 4 hours.....
You need to understand the meaning of "should" vs. "must".
>> 2. No whitelist maintaining is needed. The sending system either tries
>> again or it doesn't. If it is a legitimate sender, it will retry. Also,
>> when a sender/system is allowed it will be cached. So, even if you have
>> multiple servers from AOL, etc. they will eventually be cached.
>
> Tony calling it a "whitelist" may be misleading.
>
> But you are missing a detail here, and confusing "sending system",
> "computer", and "IP address". For major providers, the sending system
> may involve lots of computers, with lots of IP addresses. Retries may
> come from any of those computers -- this is perfectly legitimate under
> SMTP. So it may take a while (especially if they use an "exponential
> back-off") before the same server retries the same e-mail. With enough
> sending IP addresses, it's possible that the e-mail might never be
> retried from the same IP address.
>
> There are two ways around this -- either you can (as Tony said) maintain
> a list of senders which use this sort of system, or hope that the
> senders put their sending MTAs in no more than a few /24 subnets. You
> then get the greylist to consider that one sending attempt from
> 127.36.5.1[1] and a retry from 127.36.5.2 is Good Enough.
I think you have no idea of what you speak.
>> 3. The email itself will only be handled once. When a server to be delayed
>> first contacts your server the milter will check the cache with the initial
>> information supplied and simply close the connection and not allow the DATA
>> portion to be sent.
>
> This is true, but possibly not the best response to Tony's post. The
> *real* point is that although the server has to "think about" the
> message twice, the first time takes up nearly no bandwidth and nearly no
> processor time.
Huh?
> But you're missing another point -- the more people use greylisting, the
> less reliable it becomes (because spammers start retrying on any error).
> If Tony and I choose not to use greylisting, that makes it more usable
> for you.
For every point, there is a counter point.
All I know is that greylisting or graylisting and SpamAssassin has reduced
the amount of spam I get by 95%.
You can choose to do as you wish. I will do as I do and be happy that I get
very little spam.
Oh, and BTW, that is not to do stupid things like blanket rejects of upper
level domains.
> James.
>
> [1] Yes, I know there's a slight problem with that IP address!
Ah, yes, well spoken from someone with no idea as to how things work.
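
Added example, not part of the original thread: a minimal greylist decision function showing how the cache key (exact client IP versus the /24 network) changes the outcome when retries rotate across sending hosts, as debated above. The names `Greylist`, `check` and `replay` and the envelope addresses are hypothetical; the 15-minute delay and the two IP addresses are the ones quoted in the messages.

```python
import ipaddress

DELAY = 15 * 60  # seconds; the 15-minute delay mentioned in the thread


class Greylist:
    """Minimal greylist keyed on (client network, envelope sender, recipient)."""

    def __init__(self, delay=DELAY, prefix=24):
        self.delay = delay
        self.prefix = prefix      # 32 = exact IP match, 24 = same /24 counts
        self.first_seen = {}      # triplet -> time of first attempt
        self.passed = set()       # triplets that already retried successfully

    def _key(self, ip, sender, rcpt):
        # Collapse the client address to its network so sibling hosts share a key
        net = ipaddress.ip_network(f"{ip}/{self.prefix}", strict=False)
        return (str(net), sender.lower(), rcpt.lower())

    def check(self, ip, sender, rcpt, now):
        """Decide at RCPT TO time, before DATA: 'accept' or 'tempfail' (4xx)."""
        key = self._key(ip, sender, rcpt)
        if key in self.passed:
            return "accept"
        first = self.first_seen.setdefault(key, now)
        if now - first >= self.delay:
            self.passed.add(key)
            return "accept"
        return "tempfail"


def replay(prefix, attempts):
    """Run (time_seconds, client_ip) attempts for one message through a fresh greylist."""
    gl = Greylist(prefix=prefix)
    return [gl.check(ip, "a@example.org", "b@example.net", t) for t, ip in attempts]


# Constructed sample: retries at 0, 30 and 60 minutes, rotating across two hosts
ATTEMPTS = [(0, "127.36.5.1"), (1800, "127.36.5.2"), (3600, "127.36.5.1")]

if __name__ == "__main__":
    print("exact IP:", replay(32, ATTEMPTS))
    print("per /24: ", replay(24, ATTEMPTS))
```

With exact-IP keys the message is only accepted once the first host comes around again; with /24 keys the first retry from a sibling host passes.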