Greylisting -- Was: Anti Spam

Sun Apr 29 09:00:02 UTC 2007

> -----Original Message-----
> From: Bart Silverstrim [mailto:bsilver at chrononomicon.com]
> Sent: Saturday, April 28, 2007 5:01 PM
> To: Ted Mittelstaedt
> Cc: Eric Crist; Grant Peel; Christopher Hilton;
> freebsd-questions at freebsd.org
> Subject: Re: Greylisting -- Was: Anti Spam
> 
> 
> 
> On Apr 28, 2007, at 5:25 AM, Ted Mittelstaedt wrote:
> 
> >
> >
> >> -----Original Message-----
> >> From: Bart Silverstrim [mailto:bsilver at chrononomicon.com]
> >> Sent: Friday, April 27, 2007 1:58 PM
> >> To: Ted Mittelstaedt
> >> Cc: Christopher Hilton; Grant Peel; Eric Crist;
> >> freebsd-questions at freebsd.org
> >> Subject: Re: Greylisting -- Was: Anti Spam
> >>
> >>
> >>
> >> On Apr 26, 2007, at 12:15 AM, Ted Mittelstaedt wrote:
> >>
> >>> There are legitimate technical reasons that someone may want their
> >>> mail
> >>> to not be greylisted.  For example, my cell phone's e-mail  
> >>> address is
> >>> in our monitoring scripts to page me in the event of a server  
> >>> failure.
> >>> I would be pretty pissed off if Sprint suddenly started
> >>> greylisting.  It
> >>> isn't just dumb-ass users making stupid political decisions to  
> >>> reject
> >>> it, although in your case it probably was.
> >>
> >> If it is a legitimate mail server, it would be promoted to the auto-
> >> whitelist.  Not all mail is constantly greylisted by most intelligent
> >> greylist systems.  Only the first few messages would be delayed,
> >> until it is established as legitimate.
> >>
> >
> > That won't work in my case since I generally only have a failure  
> > that causes
> > a problem which results in paging about once every 3 months or so.   
> > By the
> >  time the pages got through the
> > greylist it would be at least an hour later after the system had gone
> > down.  That isn't acceptable for a notification system.
> 
> What?  What do you mean, a failure that causes a problem which  
> results in paging once every 3 months?
> 
> If your mail server tries to contact another mail server and it can't  
> reach it, you're saying your mail server doesn't retry for an hour?
> 

If the monitoring system notices something down, I have to know about
it within a few minutes.  I cannot wait for the mailserver that sends the
page out to retry sending the page to the cell carrier's mailserver
in an hour.

Things go down rarely.  The moonitoring system is not continually sending
out pages to my cell phone every day.  Many times many months will pass
in between the monitoring system sending my cell phone a page.  If the
cell phone company was running greylisting, any whitelist entry for my
monitoring system would be gone by then.

> Even if it does take an hour, the fact that it retried the server on  
> the other side doing the greylisting means it would be whitelisted  
> after a couple mails.

But the whitelist would have expired by the next time there was a problem.

> If you're doing something SO critical that  
> three or four mails delayed an hour, until you're establishes as a  
> legit user, means life or death, you definitely should be doing  
> something that backs up how you communicate with other sites,

I'm monitoring systems at the ISP I work at.  No, it is not life or death
if a feed goes down for 3 hours and a bunch of people cannot download
their daily freebsd-questions mailing list fix.  At least, I don't think
so.  But they do.  And as their money that buys the ISP's product puts
the bread on my table, I have to do what they want.  And they want instant
response if there is a problem in the ISP's systems.  That won't happen if
the monitoring system's e-mails that get sent out when there is a problem
lie around in a mail queue for an hour waiting for a greylist at the
cell company to let the messages through.

Ted