ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: greylisting done at end of headers, or end of daya (QUIT) ?

2007-02-01 12:26:34
from [Carl S. Gutekunst] [Permanent Link] 

Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:

I stopped having sympathy for non-compliant good guys quite some time ago.
There's no excuse for it in this day and age, especially for the examples
you give.
The examples I gave were relevant only to the topic at hand: the costs of gray listing. It's a pretty small cost, and a cost I was happy to accept for three years, since it was stopping spam. It's not stopping any spam for me any more, so now the cost -- even though it was quite low -- has become too high.
As far as the more general problem of Good Guys doing bad things, I could spend all day on that; it's what I did for a living for the past 2+ years. Here's as brief as I can get:
There are a small number of compliance checks that work pretty well for almost anyone and have low cost. My favorites include accepting mail only at MX hosts, rejecting mail whose bounce address doesn't resolve, and rejecting mail from IP addresses that don't have a PTR. Nearly all of the Tier 1 ISPs do the same.
There's a much larger set of compliance checks that only work for specific user communities. Within those communities they work well, you can measure it. Within other communities they'll mostly just give you false positives. The trick is figuring out which ones do work, and then monitoring them, because what worked yesterday might now work tomorrow.
Specific example: I did some research on the accuracy of several anti-spam tools that perform volume sampling, comparing the results with known volumes. In the case of DCC -- a tool I used fondly for many years -- I noticed that I wasn't actually measuring overall Internet E-mail volume; I was sampling the nature of the E-mail lists to which DCC users subscribe. I found, for example, that DCC users like surveys and geekish mailing lists. But they don't subscribe to sex lists or sweepstakes, and they don't buy much stuff online from general merchandisers. It was pretty spooky, actually, data that a targeted marking guy would have loved.
The survey folks, the geek lists, and the sex sites send the squeeky cleanest most compliant mail you will ever find anywhere. (In the case of the sex sites, they have to: they've got the "bicycle shop in China" problem big time.) But sweepstakes and online general merchandiser's compliance is terrible. A filter that relied heavily on standards compliance would work very well for the DCC community. But for another community that likes sweepstakes and buys lots of stuff online, that filter is going to run into a load of false positives. 

<csg>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: greylisting done at end of headers, or end of daya (QUIT) ?, Valdis . Kletnieks
Next by Date:  Re: greylisting done at end of headers, or end of daya (QUIT) ?, Hector Santos
Previous by Thread:  Re: greylisting done at end of headers, or end of daya (QUIT) ?, Valdis . Kletnieks
Next by Thread:  Re: greylisting done at end of headers, or end of daya (QUIT) ?, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]