Greylisting -- Was: Anti Spam
bsilver at chrononomicon.com
Mon Apr 30 19:16:46 UTC 2007
On Apr 30, 2007, at 6:19 AM, cpghost wrote:
> On Mon, Apr 30, 2007 at 01:16:23AM -0700, Ted Mittelstaedt wrote:
>> The system that would cause problems if it ran
>> greylisting is not MY system. It's the mailserver owned by the
>> company that I am sending to. If they went and installed
>> it is highly unlikely I could get them to whitelist me. (have you
>> ever, for example, tried to get a system off AOL's internal
> Yes, that's indeed a problem; but how likely would that be?
> Cellular operators know that their clients expect speedy
> delivery of SMS, including those sent via SMTP. They know
> better than to introduce greylisting latency at the gateway
> when there's already normal latency at the SMSC.
> Have you confirmed with your cellular operator that they
> don't offer additional gateways; e.g. based on ICQ, HTTP
> and whatnot? Most likely, they don't offer SMPP-over-TCP
> connections to end-users ( http://www.smsforum.net/ ),
> but probably to a couple of third-party providers that
> you could use instead?
This won't work because you're suggesting he change the system he
likes. No matter what, greylisting to him is apparently impossible
because users need their email as an instant messaging service. The
possibility of establishing a domain into a whitelist or testing a
connection and notification system periodically, which would put his
domain into their imaginary whitelist, is simply too inconvenient,
unlike the deletion of spam that a greylist could have prevented
coming into my inbox. That apparently isn't inconvenient or annoying
in the least.
I apparently hold the wrong view. I think greylisting is still a
pain in the butt for spammers. It causes mail servers to have to
take the time to retry email, something spammers don't like wasting
time doing. If they're doing something to spoof connections then the
mail would not even retry because it's going to an illegitimate or
nonexistent mail server. But none of this is possibly even a
percentage of help for your mail server. Apparently the extra layers
to try slowing or easing the load on your server is a waste because
it's *possible* to bypass it without resorting to math magic like the
stats poisoning used against SpamAssassin now.
For me, I want to slow their servers and waste their resources, just
like they waste my CPU and storage space. I don't use email as an IM
service nor do I use it as a critical availability service without
investing lots and lots of money on redundancy, so I don't see the
problem with companies using greylisting.
More information about the freebsd-questions