[AusNOG] Greylisting in an ISP / Hosting Environment
Simon Lyall
simon at darkmere.gen.nz
Mon Apr 27 11:15:35 EST 2009
On Mon, 27 Apr 2009, Nick Brown wrote:
> I'm wanting to get a general feel for the industries views on
> Greyisting, specifically as for the most part the people on this list
> are the ones who are infact trying to send us legitimate email. Is the
> consensus to try and build a well populated whitelist of known networks,
> or are we better to drop Greylisting - incur significant extra load on
> the gateways, and have to spend the extra time trying to fine tune the
> heuristics of our applications.
The main problems I see with Greylisting are:
1. Customers expect Email to be sent within a few seconds ( as in while
they are talking to the other person over the phone )
2. Mail servers do NOT retry the same way that Greylist people expect them
to.
2a. The email may be resent from a different server than what originally
tried to send it ( shared queue among server cluster )
2b. Retry times may be shorter, longer or with a different backoff
algorithm ( and change depending on random factors ) than what they
greylisting algorithm expects.
Overall they customers only care that you block the spam not how you do
it. However they will care that emails are taking minutes/hours/days to
get delivered whereas other sites s do not have the same problem.
Having a whitelist will fix some of the problems but it'll never have 100%
coverage.
Personally I also dislike any anti-spam method that can be beaten by 20
lines of code.
--
Simon Lyall | Very Busy | Web: http://www.darkmere.gen.nz/
"To stay awake all night adds a day to your life" - Stilgar | eMT.
More information about the AusNOG
mailing list