On Wed, Jul 8, 2009 at 2:25 PM, Chris Lewis<clewis(_at_)nortel(_dot_)com> wrote:
John Leslie wrote:
More useful is something like, "Hotmail MTA #49 is sending more spam
than usual right now: more severe graylisting might be called for."
What good does graylisting do to a real MTA? Unless MTA #49 is sending you
enough email that forcing it to requeue causes it problems, it won't do
anything useful.
We've tended to let our automated defenses "fire where they may". If MTA
#49 is sending us so much spam that the defenses fire, they fire, and we
don't whitelist.
+1
I think whitelisting has value in forcing senders that want to reach
certain receivers to engage in certain practices. I don't know that
whitelisting buys (or should buy) a sender protection from their own
bad practices. I will add a caveat to what Chris says. Some receivers
do a really good job of tuning their automatic defenses. Others are
not so careful.
If the problem gets bad enough, we block /24s worth. With MSN and Yahoo,
that turns out to work particularly well, because at least with Nigerian
floods and their provisioning methods, specific /24s tend to be
substantially worse than others.
Then we make a big public & private noise. And sometimes things get better.
Sometimes they do. I believe der mouse commented about the big ISPs
not caring. I think they do but are having to deal with aggressive
attacks abusing their systems. On the other hand, life isn't fair <G>.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg