Re: Email ???

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



James Wilkinson wrote:

> I've been trying to formulate a response for some time. I think I'd
> better be blunt.

Sounds like a good idea.  Better than pussy footing around.

> Ed, I think these statements are combative, unhelpful, and basically
> rude. I can put up with the first and the last, but if you're going to
> make such statements, please back them up.

OK.....

Let's cut to the chase then...

> Really? The standard says
>    The sender MUST delay retrying a particular destination after one
>    attempt has failed.  In general, the retry interval SHOULD be at
>    least 30 minutes;
> (RFC 2821 section 4.5.4.1)

The "MUST" part is understood as a rule while the "SHOULD" part is a
guideline.

Since its inception "sendmail" has had its retry interval defaulted to 15
minutes and the retry limit set to 3 days.  Some admins change the defaults
and I've seen many times where the a retry is set to 5 minutes.  There are
also MTA's that increase the retry intervals at each failure of a given
email to be delivered.  Your phrase "exponential back-off" is a good
description.

So, "SHOULD" is a guideline and having set my greylist interval to 15
minutes is perfectly fine.

> Calling half an hour "a while" seems reasonable to me...

Never said it was "unreasonable".  I only stated what I have as my settings.

> I'd argue that your first sentence is misleading, too -- the delay is a
> result of the configuration of both sending and receiving MTAs.

I'm not sure about "misleading" but certainly "incomplete".  I did make the
mistake of assuming that the discussion was the delay imposed on accepting a
message.  But, yes, if I have my greylist set such that I will accept the
next retry after 15 minutes and your MTA resends the message 30 minutes
later then the delay in deliver will be 30 minutes for the first time.

> But you are missing a detail here, and confusing "sending system",
> "computer", and "IP address". For major providers, the sending system
> may involve lots of computers, with lots of IP addresses. Retries may
> come from any of those computers -- this is perfectly legitimate under
> SMTP. So it may take a while (especially if they use an "exponential
> back-off") before the same server retries the same e-mail. With enough
> sending IP addresses, it's possible that the e-mail might never be
> retried from the same IP address.

You said, "Retries may come from any of those computers" and this is an
incorrect statement.  While a major provider has many systems sending out
emails when an individual email is placed in the queue of a sending system
it stays in that system's queue.  It doesn't get passed to a different
system at the provider's end.  So, the retry will come from the same system.

Would you like me to send you my greylist logs to prove it to you?

> But you're missing another point -- the more people use greylisting, the
> less reliable it becomes (because spammers start retrying on any error).
> If Tony and I choose not to use greylisting, that makes it more usable
> for you!

There is a word/phrase for that type of "argument", I think it is a "Red
Herring" but not sure....

Of course spammers will react to *any* defensive measures put in place and a
given defense will reduce in value in time.  Why do you think we are seeing
more and more spam with single image attachments that are designed to fool
OCR programs?

Yet, I don't see the effectiveness of greylisting going down.  The
greylist's main role is to combat spambots.  I'm sure you know what they
are, so there is no reason to explain.  If creators of spambots would start
to build in complexity of retries into their process the return on
investment would be small and the users of the infected systems would more
likely detect things have slowed down.

> These e-mails are counter-productive. If you had addressed them to a new
> user, they may well have driven them out of the community. If read by
> new users, they may give the impression that the list is hostile.

Hopefully, a new user would not pass themselves off as an authority on a
subject.

> It hasn't been, in the past. Don't make it change.

At times it has been...and much more so.  In some cases I've seen things
spiral down (sometimes rather quickly) to the point of name calling.


-- 
If you didn't get caught, did you really do it?


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux