On Wed, 2004-12-08 at 13:03, David Cary Hart wrote: > This was a fairly lengthy treatise. The bottom line is that: > > 1. Any delay in receiving any email may be costly. This is a matter of educating users IMHO. Email is not guaranteed to be delivered even without greylisting, there are many things outside the senders and recipients control that can prevent email from getting where it should. Any processes built around email should account for that. And any really important email being sent should be followed up by a phone call or possibly sent via fax or some other method which does have guaranteed delivery. Of course your particular environment may be dictating this reason. If so how do you guarantee timely delivery of all email? > 2. The same result can be achieved with other methods that do NOT cause > a delay with far less maintenance time associated with whitelisting. I would be very interested in these other methods. Seriously! I believe the newest version of sendmail has implemented a delay feature which effectively blocks the vast majority of zombies as they tend to just push handshake as fast as they can. But what other methods are available that are as effective as greylisting? I have also found the maintenance for greylisting to be minimal. > 3. Ultimately, much (if not most) spam is the result of user behaviors. > Those can be successfully modified to stop spam at the source. Other than starting with a new email address and telling people not to share it with anyone how do you modify a users behavior to prevent spam? A lot of the spam I have seen is sent to randomly guessed accounts in the domain of the email server. Bad stuff if you have a catchall address. :) Have also seen accounts used that have been deactivated for many years. They just keep using the same mailing list to send spam. Once am email address leaks out there is no way to reclaim it spam free. Several years ago I wondered what all the fuss was about spam. My home email account rarely if ever has any spam sent to it. Then a couple of years ago it started coming in waves. Found out that my ISP had lost control of mail server (can we say hacked?) and it was after that point that the spam started coming through by the hundreds. > 4. Spam engines are already being engineered around the scheme. Well have not seen any significant increase in spam since implementing greylisting. I was also worried that this would be a short term thumb in the dike. But so far it has held up quite well for over a year now. I expect it to be effective for sometime to come. Of course if/when the zombies are re-written to get around this you combine greylisting with some of the realtime block lists. The idea is that when you first see the message you greylist it. By the time they come back around you check the block lists and you will probably find them on one of those so you reject the message completely. Of course you would need to use a 15 to 30 minute delay in that case but then this would be for initial contacts and unsolicited email. You would have all your known correspondents in your whitelist. :) -- Scot L. Harris webid@xxxxxxxxxx Nothing is ever a total loss; it can always serve as a bad example.
