[Top] [All Lists]

Re: RFC3463, 450 reply codes, and 4.7.1 extended codes.

2005-05-09 08:10:31
On Mon, 09 May 2005 10:58:25 EDT, John Leslie said:

   It's pretty clear that the final line is merely an opinion: thus nobody
_should_ get uptight about you using it.

   Alas, I suspect the opinion may still be correct...

   What is the _benefit_ of telling a spammer you're greylisting him?

The general opinion is that most spamware is "fire and forget"(*), and that
handing them *any* 4XX is sufficient because they won't retry.  The 4.7.1
is there for the *non-spammer*s benefit, so that they understand that
they've been greylisted.

Of course, one of these days (probably right around the time everybody
starts greylisting), the spamware will actually start listening to the
reply codes....

(*) Most egregious fire-and-forget I've seen stuck all the data onto the
initial SYN (HELO/MAIL FROM/RCPT TO/DATA/./QUIT) and was obviously planning
to take advantage of a MTA that would be helpful when scanning the input
buffer and automagically undo the overambitious pipelining.  The second
packet it sent (in response to the SYN+ACK) was an ACK+FIN.  Gaak. ;)

Attachment: pgp8DsjnvZBNN.pgp
Description: PGP signature