At 15:35 29/06/2005, Keith Moore wrote:
Fair statement, but I contest the >50% simply because that will imply at
least 49% of all CBV sessions would fail due to a 35 timeout which is
clearly not the case.
you were the one that said majority. majority means more than half.
in my experience something like 1% of CBV sessions fail due to a 60 second
timeout. and the failures aren't randomly distributed - the same domains
keep failing over and over. but it's important to deliver mail from those
people.
if you're going to do CBV you need to do the same things that an MTA would
do in trying to deliver mail to an address, before declaring the address
to be invalid. this implies not only implementing the single-session SMTP
timeouts but also being persistent in your attempts to validate the
address (so that a brief network or server outage doesn't make the address
appear invalid)
yes, this is a performance issue, but you might be able to finesse it with
a cache. e.g.
Personally, I'd say that something like CBV should probably treat a failure
such as a timeout or a 4xx SMTP error (eg 'mailbox full') as a (possibly
non-cached) pass. Only a 5xx failure should be treated as indicating that
the email address is incorrect.
CBV is such a 'vague' test that treating a temporary failure as a sign of a
bad email address would be too pessimistic.
At the worst case, this would let through a bit of spam. Its far worse to
block non-spam than it is to let through spam, so the safe 'failure' mode
is to treat temporary failures as passes.
If the CBV checking MTA is timing out too soon and letting through too much
spam, then it's simply up to the administrator of that to increase their
timeout if they wish. I really can't see any other way of doing it. CBV
can't set a performance requirement on other SMTP servers that is other
than that specified in RFC 2821
Paul VPOP3 - Internet Email Server/Gateway
support(_at_)pscs(_dot_)co(_dot_)uk http://www.pscs.co.uk/