[clug] spamsum usage in the real world

Nemo clug at nemo.house.cx
Wed Nov 15 06:26:59 GMT 2006


I'm talking about a normal person-to-person email thread type replies.
Nothing automated. 

The greylisting schemes I've seen has always talked about whitelisting
the triplet of sender address, recipient address, and sender IP. So
every unique triplet (which in my hypothetical, each email _in_ to the
greylist server is unique), generates a brand new delay. 

Whitelisting any duo of the triplet would certainly reduce some
potential delays, but presumably would reduce the effectiveness of
greylisting too. 

.../Nemo


On Wed, Nov 15, 2006 at 05:17:00PM +1100, Kim Holburn did utter:
> In grey-listing there should be no replies, you reject the  
> connection.  You don't bounce or reply, in fact bouncing is something  
> not to do if at all possible.  There is too much danger of having  
> spammers use you for joe jobbing if you bounce.  But once you get the  
> second duplicate email you generally white-list the sender and  
> thereafter there is no delay.
> 
> You can grey list with a 30 second delay if you want.  It doesn't  
> much matter.  Grey-listing shouldn't cause much delay at all.  Of  
> course I'm not sure it's much use either.
> 
> Using virtual servers on high mx preferences to block is quite a  
> useful technique a colleague of mine was experimenting with.
> 
> 
> On 2006/Nov/15, at 4:19 PM, Nemo wrote:
> >The hypothetical that turned me off greylisting in a business
> >environment was the idea of getting an email to info@ (greylist  
> >delayed), the reply cmoing
> >from some randomfirst.lastname@ address, which then gets replied to
> >(greylist delay), and then escalates to manager@ (or another random@
> >address) = another greylist delay...
> >
> >...and since we're relying on a remote server to resend, the delay is
> >potentially unknown every time.
> >
> >It's true email shouldn't be considered real-time, but most people
> >consider it more or less to be, and regular observed delays cause user
> >satisfaction issues :(
> >
> >.../Nemo
> >
> >
> >
> >
> >
> >On Wed, Nov 15, 2006 at 03:15:02PM +1100, Alex Satrapa did utter:
> >>On 15 Nov 2006, at 14:34, Nemo wrote:
> >>
> >>>... especially many business users who are more likely
> >>>to have have many short-lifetime email conversations than personal
> >>>users, the delays would be unacceptable.
> >>
> >>When done properly, greylisting only affects the initial message from
> >>a host. After that, the originating host is "whitelisted" and the
> >>remainder of the conversation occurs without any artificial delays.
> >>You don't need to greylist if the sender is approved by relevant SPF
> >>records - the policy manager for your mail server should sort that
> >>out ("If approved by SPF, it gets through, otherwise greylist it if
> >>we haven't seen it, otherwise resort to RBL/XBL").
> >>
> >>The only point of greylisting is buying time so that other measures
> >>can take effect. Greylisting all new hosts for 15 minutes may be the
> >>difference between receiving spam/viruses/whatever, and dropping it
> >>due to the RBL being updated in the meantime, for example. That's the
> >>theory anyway.
> >>
> >>Alex
> >>
> >-- 
> >linux mailing list
> >linux at lists.samba.org
> >https://lists.samba.org/mailman/listinfo/linux
> 
> --
> Kim Holburn
> IT Network & Security Consultant
> Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
> mailto:kim at holburn.net  aim://kimholburn
> skype://kholburn - PGP Public Key on request
> Cacert Root Cert: http://www.cacert.org/cacert.crt
> Aust. Spam Act: To stop receiving mail from me: reply and let me know.
> Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
> datefmt.htm
> 
> Democracy imposed from without is the severest form of tyranny.
>                           -- Lloyd Biggle, Jr. Analog, Apr 1961
> 
> 
> 
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux

-- 
  ------------------------------------------ --------------------------
                                                    earth native


More information about the linux mailing list