Re: [Asrg] Greylisting BCP

On 10/18/11 12:42 PM, Daniel Feenberg wrote:

On Tue, 18 Oct 2011, Murray S. Kucherawy wrote:
After some chatter inside MAAWG and on the ietf-smtp mailing list,I’ve started anoutline for a BCP on the practice of greylisting. The main purpose isto explainwhat it is, discuss the pros and cons of its variants, and give somerecommendationsfor implementation and configuration for a few example installationsand policies.
The draft (which is currently only an outline) is here:
https://datatracker.ietf.org/doc/draft-kucherawy-greylisting-bcp/



Comments welcome.
Where should comments go? I have a question really, though it might beconstrued as a comment. Why do greylisters match on the (sender,receipient, MTA) triple rather on just the MTA? Isn't it nearlycertain that if an MTA returns for one sender/receipient pair, it willreturn for any pair? So that keeping track of all three seemsunnecessary and increases the probability of a message being delayed.What am I missing?

Grey listing challenges stateful processing of the sender to test anoften erroneous assumption that bots sending spam don't maintain state.Thanks to grey listing, many bots retry against the same recipients,just not always with the same message. Heuristic methods are quicklydefeated once deployed on enough systems. Defining practices for failingconcepts seems misguided since such heuristics are likely to make othererroneous assumptions related to the nature of the outbound MTA.

We employ temp errors to prioritize limited resources which may delaysources with lower reputations. When they are in the middle of somecampaign, the delay may persist until their run completes. There wouldnot be any way to predict how long that might take, nor would any hintlikely affect the average bulk sender focused on completing their runs.We are about to publish a list that categorizes this type of behavior.

I agree it would make more sense to focus on knowing which domain_controls_ the outbound MTA without umpteen additional transactions.With outbound MTA authentication, receivers would have a sure and robustbasis for avoiding abusive transactions, where grey listing would beconsidered wasted efforts.


-Doug



_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Asrg] Greylisting BCP, (continued) Re: [Asrg] Greylisting BCP, Martijn Grooten Re: [Asrg] Greylisting BCP, Joe Sniderman Re: [Asrg] Greylisting BCP, Jose-Marcio Martins da Cruz Re: [Asrg] Greylisting BCP, Jose-Marcio Martins da Cruz Re: [Asrg] Greylisting BCP, Murray S. Kucherawy Re: [Asrg] Greylisting BCP, Chris Lewis Re: [Asrg] Greylisting BCP, Jose-Marcio Martins da Cruz Re: [Asrg] Greylisting BCP, Paul Smith Re: [Asrg] Greylisting BCP, Peter J. Holzer Re: [Asrg] Greylisting BCP, Murray S. Kucherawy Re: [Asrg] Greylisting BCP, Douglas Otis <= Re: [Asrg] Greylisting BCP, Murray S. Kucherawy Re: [Asrg] Greylisting BCP, Dave Warren Re: [Asrg] Greylisting BCP, Jose-Marcio Martins da Cruz Re: [Asrg] Greylisting BCP, Douglas Otis Re: [Asrg] Greylisting BCP, Peter J. Holzer Re: [Asrg] Greylisting BCP, Murray S. Kucherawy [Asrg] Microsoft takes over British Telecom, t.petch Re: [Asrg] Microsoft takes over British Telecom, Scott Howard Re: [Asrg] Microsoft takes over British Telecom, Steve Atkins Re: [Asrg] Microsoft takes over British Telecom, David Romerstein