[clug] spamsum usage in the real world

Nemo clug at nemo.house.cx
Wed Nov 15 05:19:56 GMT 2006


The hypothetical that turned me off greylisting in a business
environment was the idea of getting an email to info@ (greylist delayed), the reply cmoing
from some randomfirst.lastname@ address, which then gets replied to
(greylist delay), and then escalates to manager@ (or another random@
address) = another greylist delay...

...and since we're relying on a remote server to resend, the delay is
potentially unknown every time.

It's true email shouldn't be considered real-time, but most people
consider it more or less to be, and regular observed delays cause user
satisfaction issues :(

.../Nemo





On Wed, Nov 15, 2006 at 03:15:02PM +1100, Alex Satrapa did utter:
> On 15 Nov 2006, at 14:34, Nemo wrote:
> 
> >... especially many business users who are more likely
> >to have have many short-lifetime email conversations than personal
> >users, the delays would be unacceptable.
> 
> When done properly, greylisting only affects the initial message from  
> a host. After that, the originating host is "whitelisted" and the  
> remainder of the conversation occurs without any artificial delays.  
> You don't need to greylist if the sender is approved by relevant SPF  
> records - the policy manager for your mail server should sort that  
> out ("If approved by SPF, it gets through, otherwise greylist it if  
> we haven't seen it, otherwise resort to RBL/XBL").
> 
> The only point of greylisting is buying time so that other measures  
> can take effect. Greylisting all new hosts for 15 minutes may be the  
> difference between receiving spam/viruses/whatever, and dropping it  
> due to the RBL being updated in the meantime, for example. That's the  
> theory anyway.
> 
> Alex
> 


More information about the linux mailing list