Matthew,
Your comments on greylisting are interesting.
Personally I think that greylisting is indeed a very clever idea.
At the same time, there is no denying that it does overload the
"TEMPFAIL" semantics of SMTP with a semantics that was probably not
originally intended for use in this manner in the first place. So in the
long term, we'd want to move towards a more systematic mechanism.
One other concern is that spammers will adapt to greylisting as well
sooner than later once it starts affecting their bottomline. Greylisting
is still a purely sender push-based model that leaves the receivers
in a reactive mode.
DMTP differs from greylisting in how receiving MTAs
(RMTAs) react to "unclassified" sending MTAs (SMTAs).
(unclassified = neither in whitelist or blacklist).
In greylisting, unclassified SMTAs are asked to push
the message again later. With DMTP, the RMTA pulls the
message from unclassified SMTA only if and when the receivers
are interested.
In addition to being (1) a systematic receiver-pull
mechanism, as you noted, (2) DMTP reduces the
delivery latency for legitimate senders (a small intent message
can be delivered immediately) and (3) provides a larger time
window for blacklists to be effective.
That said, we did carefully consider using greylisting itself as part of
the incremental deployment phase of DMTP. Specifically,
when a non-DMTP-compliant unclassified SMTA attempts
message delivery to a DMTP-compliant RMTA, the SMTA can be
discouraged by use of greylisting-like mechanism. We still think
it is a highly feasible alternative to the challenge-response
based mechanism currently described in Section 3.6 of the draft.
- Kartik
On 5/6/05, Matthew Elvey <matthew(_at_)elvey(_dot_)com> wrote:
<snipped>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg