Email ???

Ed Greshko Ed.Greshko at greshko.com
Tue May 1 14:42:04 UTC 2007


James Wilkinson wrote:

>> You are incorrect on several counts.
>>
>> 1.  The time to delay is configurable in a good greylist milter.  Mine is
>> set to 15 minutes since this is pretty much the default retry interval of
>> most MTAs.
> 
> Really? The standard says
>    The sender MUST delay retrying a particular destination after one
>    attempt has failed.  In general, the retry interval SHOULD be at
>    least 30 minutes;
> (RFC 2821 section 4.5.4.1)
> 
> Calling half an hour "a while" seems reasonable to me...
> 
> I'd argue that your first sentence is misleading, too -- the delay is a
> result of the configuration of both sending and receiving MTAs.

Whatever....  It is certainly not 4 hours.....

You need to understand the meaning of "should" vs. "must".

>> 2.  No whitelist maintaining is needed.  The sending system either tries
>> again or it doesn't.  If it is a legitimate sender, it will retry.  Also,
>> when a sender/system is allowed it will be cached.  So, even if you have
>> multiple servers from AOL, etc. they will eventually be cached.
> 
> Tony calling it a "whitelist" may be misleading.
> 
> But you are missing a detail here, and confusing "sending system",
> "computer", and "IP address". For major providers, the sending system
> may involve lots of computers, with lots of IP addresses. Retries may
> come from any of those computers -- this is perfectly legitimate under
> SMTP. So it may take a while (especially if they use an "exponential
> back-off") before the same server retries the same e-mail. With enough
> sending IP addresses, it's possible that the e-mail might never be
> retried from the same IP address.
> 
> There are two ways around this -- either you can (as Tony said) maintain
> a list of senders which use this sort of system, or hope that the
> senders put their sending MTAs in no more than a few /24 subnets. You
> then get the greylist to consider that one sending attempt from
> 127.36.5.1[1] and a retry from 127.36.5.2 is Good Enough.

I think you have no idea of what you speak.

>> 3.  The email itself will only be handled once.  When a server to be delayed
>> first contacts your server the milter will check the cache with the initial
>> information supplied and simply close the connection and not allow the DATA
>> portion to be sent.
> 
> This is true, but possibly not the best response to Tony's post. The
> *real* point is that although the server has to "think about" the
> message twice, the first time takes up nearly no bandwidth and nearly no
> processor time.

Huh?

> But you're missing another point -- the more people use greylisting, the
> less reliable it becomes (because spammers start retrying on any error).
> If Tony and I choose not to use greylisting, that makes it more usable
> for you.

For every point, there is a counter point.

All I know is that greylisting or graylisting and SpamAssassin have reduced
the amount of spam I get by 95%.

You can choose to do as you wish.  I will do as I do and be happy that I get
very little spam.

Oh, and BTW, that is not to do stupid things like blanket rejects of upper
level domains.

> James.
> 
> [1] Yes, I know there's a slight problem with that IP address!

Ah, yes, well spoken from someone with no idea as to how things work.
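
The greylisting behaviour argued over in this thread, as an added example that is not part of the original message or of any milter's code: a 15-minute delay, a decision made before DATA from the client address and envelope, and a retry from a neighbouring address in the same /24 counted as the same sender. The class and parameter names are hypothetical, caching a passed sender per network is an assumption, and the addresses are constructed documentation addresses (IPv4 only).

```python
import ipaddress


class Greylist:
    """Greylist keyed on (client network, envelope sender, envelope recipient)."""

    def __init__(self, delay_s=15 * 60, prefix_len=24):
        self.delay_s = delay_s        # minimum wait before a retry is accepted
        self.prefix_len = prefix_len  # 24 = treat a /24 as one sending system
        self.first_seen = {}          # triplet -> time of first attempt
        self.passed = set()           # networks that already retried correctly

    def _network(self, client_ip):
        # Collapse the client address to its enclosing network (IPv4 only here).
        return ipaddress.ip_network(f"{client_ip}/{self.prefix_len}", strict=False)

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Decide at RCPT time, before DATA: 'accept' or 'tempfail' (SMTP 4xx)."""
        net = self._network(client_ip)
        if net in self.passed:
            return "accept"           # cached sender, no further delay
        key = (net, mail_from.lower(), rcpt_to.lower())
        first = self.first_seen.setdefault(key, now)
        if now - first >= self.delay_s:
            self.passed.add(net)      # legitimate MTA retried after the delay
            del self.first_seen[key]
            return "accept"
        return "tempfail"             # first attempt, or retry came too early


def demo(prefix_len):
    """Constructed scenario: first try from .1, retry 15 minutes later from .2."""
    g = Greylist(prefix_len=prefix_len)
    msg = ("sender@example.org", "rcpt@example.net")
    return [
        g.check("192.0.2.1", *msg, now=0),
        g.check("192.0.2.2", *msg, now=900),
    ]


if __name__ == "__main__":
    print("/24 matching:", demo(24))  # retry from a sibling address passes
    print("/32 matching:", demo(32))  # exact-IP matching delays it again
```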



