James Wilkinson wrote:
> I've been trying to formulate a response for some time. I think I'd
> better be blunt.

Sounds like a good idea. Better than pussyfooting around.

> Ed, I think these statements are combative, unhelpful, and basically
> rude. I can put up with the first and the last, but if you're going to
> make such statements, please back them up.

OK..... Let's cut to the chase then...

> Really? The standard says
> The sender MUST delay retrying a particular destination after one
> attempt has failed. In general, the retry interval SHOULD be at
> least 30 minutes;
> (RFC 2821 section 4.5.4.1)

The "MUST" part is understood as a rule while the "SHOULD" part is a guideline. Since its inception "sendmail" has had its retry interval defaulted to 15 minutes and the retry limit set to 3 days. Some admins change the defaults and I've seen many times where the retry is set to 5 minutes. There are also MTAs that increase the retry intervals at each failure of a given email to be delivered. Your phrase "exponential back-off" is a good description.

So, "SHOULD" is a guideline and having set my greylist interval to 15 minutes is perfectly fine.

> Calling half an hour "a while" seems reasonable to me...

Never said it was "unreasonable". I only stated what I have as my settings.

> I'd argue that your first sentence is misleading, too -- the delay is a
> result of the configuration of both sending and receiving MTAs.

I'm not sure about "misleading" but certainly "incomplete". I did make the mistake of assuming that the discussion was the delay imposed on accepting a message. But, yes, if I have my greylist set such that I will accept the next retry after 15 minutes and your MTA resends the message 30 minutes later then the delay in delivery will be 30 minutes for the first time.

> But you are missing a detail here, and confusing "sending system",
> "computer", and "IP address". For major providers, the sending system
> may involve lots of computers, with lots of IP addresses. Retries may
> come from any of those computers -- this is perfectly legitimate under
> SMTP. So it may take a while (especially if they use an "exponential
> back-off") before the same server retries the same e-mail. With enough
> sending IP addresses, it's possible that the e-mail might never be
> retried from the same IP address.

You said, "Retries may come from any of those computers" and this is an incorrect statement. While a major provider has many systems sending out emails, when an individual email is placed in the queue of a sending system it stays in that system's queue. It doesn't get passed to a different system at the provider's end. So, the retry will come from the same system. Would you like me to send you my greylist logs to prove it to you?

> But you're missing another point -- the more people use greylisting, the
> less reliable it becomes (because spammers start retrying on any error).
> If Tony and I choose not to use greylisting, that makes it more usable
> for you!

There is a word/phrase for that type of "argument", I think it is a "Red Herring" but not sure.... Of course spammers will react to *any* defensive measures put in place and a given defense will reduce in value in time. Why do you think we are seeing more and more spam with single image attachments that are designed to fool OCR programs? Yet, I don't see the effectiveness of greylisting going down.

The greylist's main role is to combat spambots. I'm sure you know what they are, so there is no reason to explain. If creators of spambots would start to build in complexity of retries into their process the return on investment would be small and the users of the infected systems would more likely detect things have slowed down.

> These e-mails are counter-productive. If you had addressed them to a new
> user, they may well have driven them out of the community. If read by
> new users, they may give the impression that the list is hostile.

Hopefully, a new user would not pass themselves off as an authority on a subject.

> It hasn't been, in the past. Don't make it change.

At times it has been...and much more so. In some cases I've seen things spiral down (sometimes rather quickly) to the point of name calling.

--
If you didn't get caught, did you really do it?
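
The delay arithmetic and the multiple-IP scenario argued over in this message can be reproduced with a small simulation. This is an added example, not part of the original e-mail or any MTA's code: a minimal triplet greylist with the 15-minute interval mentioned above, run against constructed retry schedules. The `Greylist` and `delivery_delay` names, the documentation-range addresses, and the optional /24 keying are assumptions introduced for the example.

```python
import ipaddress


class Greylist:
    """Greylist keyed on (client network, envelope sender, recipient)."""

    def __init__(self, min_delay_min=15, prefix=32):
        self.min_delay_min = min_delay_min  # 15 matches the setting in the message
        self.prefix = prefix                # 32 = exact IPv4 address, 24 = whole /24
        self.first_seen = {}                # key -> minute of the first attempt

    def check(self, ip, mail_from, rcpt_to, now_min):
        net = ipaddress.ip_network(f"{ip}/{self.prefix}", strict=False)
        key = (net, mail_from, rcpt_to)
        first = self.first_seen.setdefault(key, now_min)
        # Tempfail (SMTP 4xx) until this key has waited out the interval.
        return "accept" if now_min - first >= self.min_delay_min else "tempfail"


def delivery_delay(greylist, attempts, mail_from="a@example.org", rcpt_to="b@example.net"):
    """Return minutes until the first accepted attempt, or None if none is accepted.

    attempts: list of (minute, source_ip) in time order (constructed sample data).
    """
    for minute, ip in attempts:
        if greylist.check(ip, mail_from, rcpt_to, minute) == "accept":
            return minute
    return None


# Constructed retry schedules using documentation address ranges.
SAME_HOST_30 = [(0, "192.0.2.10"), (30, "192.0.2.10")]
SAME_HOST_5 = [(m, "192.0.2.10") for m in range(0, 31, 5)]
POOL_SAME_24 = [(0, "192.0.2.10"), (30, "192.0.2.11"), (60, "192.0.2.12"), (90, "192.0.2.10")]
POOL_SPREAD = [(0, "192.0.2.10"), (30, "198.51.100.10"), (60, "203.0.113.10")]

if __name__ == "__main__":
    for name, sched in [("same host, 30 min", SAME_HOST_30), ("same host, 5 min", SAME_HOST_5),
                        ("pool in one /24", POOL_SAME_24), ("pool across networks", POOL_SPREAD)]:
        exact = delivery_delay(Greylist(15, 32), sched)
        subnet = delivery_delay(Greylist(15, 24), sched)
        print(f"{name:22} exact-IP: {exact}  /24: {subnet}")
```

A result of `None` means no attempt in that schedule was ever accepted; whether real senders behave like the pooled schedules is the point under dispute in the thread, and a receiver's own greylist log is where to check it.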