Dotzero <dotzero(_at_)gmail(_dot_)com> wrote:
On Tue, Jan 25, 2011 at 4:16 PM, Paul Ferguson
<fergdawgster(_at_)gmail(_dot_)com> wrote:
On Tue, Jan 25, 2011 at 1:14 PM, John Leslie <john(_at_)jlc(_dot_)net> wrote:
Reputation (as the name implies) is a prediction of the likelihood of
near-future behavior.
...based on previously observed behavior.
So, what exactly does this mean when behavior suddenly changes?
The reputation changes (almost as suddenly).
If a domain or IP address (was well behaved yesterday) but begins
spewing badness today, what will your company do as an arbiter of
whether mail is accepted by your customers?
If the badness is sufficient, they get a permanent error, until
I get around to clearing it.
If the bandess is slight, they probably get a temporary error.
Ideally they fix the problem, clear the badness from their retry
queue, and everything works fine a few hours later.
(OK, so more often they _don't_ clear the badness from their retry
queue, and their legitimate senders get SMTP warnings; but they stop
getting temporary errors after a week or so anyway.)
Will you allow that domain or IP address to spew badness? I highly
doubt it.
In some cases, I _do_ allow local cable providers to spew badness,
but that's because they're local and my particular customers are
more upset about missing one good email than receiving 100 SPAMs.
This is real-world (TM), not academia...
As some point once the spewing has subsided you may (automatically
or manually) again start allowing traffic through from that domain
or IP address.
Automatically is much better!
But that isn't really reputation in the traditional sense of the word.
I suppose when you use a word, you are entitled to mean "just what I
choose it to mean -- neither more nor less." Nonetheless, I contend
this is, exactly, "prediction of the likelihood of near-future behavior."
In the Internet, reputation can change in a few milliseconds.
But that brings me back to my original question. If reputation doesn't
prevent a site from getting throttled or blocked when it goes bad,
what does reputation mean?
I can but guess you think of reputation as "prediction" based on
ancient history (several days ago, at least). But that's foolish in
an Internet where hardly anything is more than one second away.
It doesn't particularly protect the site from the immediate
consequences of going bad.
Why should it?
At most, I think it should give a "good" site more leeway in
cleaning up the badness. (But to do that well, we need communication
of what will be done and when...)
It appears that the responses are authoritative (this domain or IP
is currently emitting badness) rather than reputational (this site
has a good reputation so I will accept badness from it on the
presumption they are going to address it).
Theres nothing "wrong" with the second kind of reputation service,
but neither is there much demand for it. Perhaps that's because
there's so little correlation between "we think they'll clean it up
RealSoonNow" and the actual responsiveness.
Besides, why should any of us let through known badness even if
the prediction were true? Why shouldn't we instead keep giving
temporary errors until the badness is removed (or expired) from
their retry queue?
I will grant that there may be some small slack cut based
on reputation but does it really extend that far?
In a well-designed system, it could certainly extend to stopping
the temporary errors after a contracted number of hours to clean
things up.
(And, BTW, yes, I have gone through postfix retry queues, removing
badness. It leaves me feeling _quite_ annoyed with the (ex-)customer.)
--
John Leslie <john(_at_)jlc(_dot_)net>
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg