Re: [OT] HELP!!! mail attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2008-03-26 at 06:35 -0700, Craig White wrote:
> Greylisting has been a very effective tool for me and I have had NO
> complaints about it at all.

The problem with thought process is thus:  Admin says, "We don't get any
complaints."  And the reason for that is that outsiders are unable to
make any contact to lay a complaint.  It happens all the time, and
admins are unable to get their head around the issue...

I've had the same from people who don't answer their phone, and say that
they've not had any complaints about it.  And yet they expect other
people to answer phone calls that they make.  I just shake my head and
wonder how stupid they really are.

> There's actually a way around it in a crunch...I've put a 5 minute
> window.

That's really not a solution.  While your server may say, come back in
5, you don't have any control over how, when, or if, the sender will
actually retry.  And neither do us have any control over how our ISPs
configure their SMTP servers that we're forced to post through.

As soon as you implement greylisting, you *WILL* make it completely
impossible for *some* people to email you.  It's an inescapable fact.
Trying to guess how much you will lose, and the worth of that loss, is a
pointless exercise.

It's not good for business, nor even personal relations.  Some people
will try to contact you via an alternative method, some will not.  I am
one of those who puts little effort into contacting someone that makes
it hard to do so, and I am not alone in that regard.

A case in point, the greylisting response that killed a message I tried
sending to someone, to whom I had no other way to get in touch with:

  This message was created automatically by mail delivery software.
  A message that you sent has not yet been delivered to one or more of its
  recipients after more than 24 hours on the queue ...[snip]... 

  The message identifier is:     ...[snip]...
  The subject of the message is: ...[snip]...
  The date of the message is:    Sun, 10 Feb 2008 21:49:26 +1030

  The address to which the message has not yet been delivered is:

     ...[snip@xxxxxxxxxxxxxx]...
      Delay reason: SMTP error from remote mail server after RCPT TO:...[snip]...@xxxxxxxxxxxxxx>:
      host secmx.vic.chariot.net.au [203.87.83.188]:
      450 4.7.1 <...[snip]...@xxxxxxxxxxxxxx>: Recipient address rejected:
      Greylisted for 1 minutes

The message said to try again in 1 minute, it never succeeded.  The
error message, about it, came to me two days later.  I saw no point in
trying to send again, the system had tried to resend and failed, by
itself.  There's nothing I can do to change how it was going to try.

Taking a day to try and e-mail someone, and being informed two whole
days after posting that it failed, is just pathetic.  Email should take
mere seconds, no matter what some dingbats think about it.

Right now I'm mentally picturing what should happen to spammers that
caused the invention of greylisting now DoSing us, it involves baseball
bats, steel-capped workboots, and broken bones...

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux