Greylisting -- Was: Anti Spam

Bart Silverstrim bsilver at chrononomicon.com
Sun Apr 29 10:40:04 UTC 2007


On Apr 29, 2007, at 5:00 AM, Ted Mittelstaedt wrote:

>
>
>> -----Original Message-----
>> From: Bart Silverstrim [mailto:bsilver at chrononomicon.com]
>> Sent: Saturday, April 28, 2007 5:01 PM
>> To: Ted Mittelstaedt
>> Cc: Eric Crist; Grant Peel; Christopher Hilton;
>> freebsd-questions at freebsd.org
>> Subject: Re: Greylisting -- Was: Anti Spam
>>
>>
>>
>> On Apr 28, 2007, at 5:25 AM, Ted Mittelstaedt wrote:
>>
>>>
>>>
>>>> -----Original Message-----
>>>> From: Bart Silverstrim [mailto:bsilver at chrononomicon.com]
>>>> Sent: Friday, April 27, 2007 1:58 PM
>>>> To: Ted Mittelstaedt
>>>> Cc: Christopher Hilton; Grant Peel; Eric Crist;
>>>> freebsd-questions at freebsd.org
>>>> Subject: Re: Greylisting -- Was: Anti Spam
>>>>
>>>>
>>>>
>>>> On Apr 26, 2007, at 12:15 AM, Ted Mittelstaedt wrote:
>>>>
>>>>> There are legitimate technical reasons that someone may want their mail
>>>>> to not be greylisted.  For example, my cell phone's e-mail address is
>>>>> in our monitoring scripts to page me in the event of a server failure.
>>>>> I would be pretty pissed off if Sprint suddenly started greylisting.  It
>>>>> isn't just dumb-ass users making stupid political decisions to reject
>>>>> it, although in your case it probably was.
>>>>
>>>> If it is a legitimate mail server, it would be promoted to the
>>>> auto-whitelist.  Not all mail is constantly greylisted by most
>>>> intelligent greylist systems.  Only the first few messages would be
>>>> delayed, until it is established as legitimate.
>>>>
>>>
>>> That won't work in my case since I generally only have a failure that
>>> causes a problem which results in paging about once every 3 months or
>>> so.  By the time the pages got through the greylist it would be at
>>> least an hour later after the system had gone down.  That isn't
>>> acceptable for a notification system.
>>
>> What?  What do you mean, a failure that causes a problem which
>> results in paging once every 3 months?
>>
>> If your mail server tries to contact another mail server and it can't
>> reach it, you're saying your mail server doesn't retry for an hour?
>>
>
> If the monitoring system notices something down, I have to know about
> it within a few minutes.  I cannot wait for the mailserver that sends the
> page out to retry sending the page to the cell carrier's mailserver
> in an hour.

Ted, usually I find your posts intelligent and food for thought, but  
I almost think you're doing this on purpose now.

When you're setting it up, you would set up manually to have your own  
system whitelisted.  I would assume that if you really don't own your  
own domain/mail system, you still would have a provider that would  
whitelist *themselves* so you could send the email from your provider  
to yourself.  If you're using SMS, I would personally either tell my  
phone provider about it or send a few messages myself to have it  
whitelist the entry and then periodically test the system, since  
really you should be testing such systems periodically anyway (and  
make sure the listing is still working).

You said yourself you use greylisting, I thought.  Don't you already  
have a system like this in place?

> Things go down rarely.  The monitoring system is not continually sending
> out pages to my cell phone every day.  Many times many months will pass
> in between the monitoring system sending my cell phone a page.  If the
> cell phone company was running greylisting, any whitelist entry for my
> monitoring system would be gone by then.

We rarely lose power to the buildings, but our generator system still  
kicks over once a week to test.  Why can't you send a page once or  
twice a week to make sure it's working properly?  Things change,  
things get reconfigured or hiccup, and if this is that critical to  
you, what's the harm in one or two text messages a month to your  
phone saying "howdy?"  I mean c'mon...it's so important you must be  
notified ASAP, but you can't afford to have it test the connection  
periodically is what it sounds like you're saying.

>> If you're doing something SO critical that
>> three or four mails delayed an hour, until you're established as a
>> legit user, means life or death, you definitely should be doing
>> something that backs up how you communicate with other sites,
>
> I'm monitoring systems at the ISP I work at.  No, it is not life or death
> if a feed goes down for 3 hours and a bunch of people cannot download
> their daily freebsd-questions mailing list fix.  At least, I don't think
> so.  But they do.  And as their money that buys the ISP's product puts
> the bread on my table, I have to do what they want.

It's an interesting conundrum that people will bitch about how stupid  
their users are yet will turn around and give them "what they want"  
to the point where it encourages their bad habits and their reliance  
on bad practices and their ignorance.  I'm not saying you're doing  
this, this is just a general observation.

-Bart
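
The two positions in this thread (an auto-whitelist entry that ages out between rare alerts, versus periodic test pages that keep it alive) can be compared with a small greylist model. This is an added example, not part of the original message or of any greylisting package; the 300-second minimum delay, 36-day idle lifetime, hourly sender retry, and the addresses are assumed values.

```python
from dataclasses import dataclass, field

DAY = 86400
# Constructed sample triplet: (client IP, envelope sender, envelope recipient)
TRIPLET = ("192.0.2.10", "monitor@isp.example", "5551234@carrier.example")

@dataclass
class Greylist:
    min_delay: int = 300          # assumed: earliest retry that is accepted (s)
    ttl: int = 36 * DAY           # assumed: idle lifetime of an entry (s)
    first_seen: dict = field(default_factory=dict)  # triplet -> first attempt
    passed: dict = field(default_factory=dict)      # triplet -> last accepted

    def check(self, triplet, now):
        """Return 'accept' or 'defer' (temporary 4xx) for one attempt."""
        last = self.passed.get(triplet)
        if last is not None and now - last <= self.ttl:
            self.passed[triplet] = now        # each delivery refreshes the entry
            return "accept"
        self.passed.pop(triplet, None)        # entry idle too long: forget it
        first = self.first_seen.get(triplet)
        if first is None or now - first > self.ttl:
            self.first_seen[triplet] = now    # unknown sender: start the clock
            return "defer"
        if now - first < self.min_delay:
            return "defer"                    # retried too quickly
        del self.first_seen[triplet]
        self.passed[triplet] = now            # retry after the delay: whitelist
        return "accept"

def delivery_delay(gl, triplet, sent_at, retry_every):
    """Seconds until acceptance for a sender retrying on a fixed interval."""
    now = sent_at
    while gl.check(triplet, now) != "accept":
        now += retry_every
    return now - sent_at

def alert_delay(test_every_days=None, retry_every=3600, alert_day=90):
    """Delay of a real alert on alert_day, with optional periodic test pages."""
    gl = Greylist()
    delivery_delay(gl, TRIPLET, 0, retry_every)      # first message ever sent
    if test_every_days:
        for day in range(test_every_days, alert_day, test_every_days):
            delivery_delay(gl, TRIPLET, day * DAY, retry_every)
    return delivery_delay(gl, TRIPLET, alert_day * DAY, retry_every)

if __name__ == "__main__":
    print("no test pages:    ", alert_delay(), "s")
    print("weekly test pages:", alert_delay(test_every_days=7), "s")
```

In this model the alert delay is set by the sender's retry interval whenever the entry has aged out, so test pages only help if they arrive more often than the entry's idle lifetime.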


