At 2:27 am +0100 18/6/2007, Sabahattin Gucukoglu wrote:
> However, in environments where clustering, proxying, load balancing or
> gatewaying are used to share the load of distributing mail from an
> identical source, greylisting will delay mail for longer than is necessary
> if multiple attempts happen to be made by different hosts in a cluster.
> If that is a problem for operators of such a system, they can always
> change it so that attempts for a particular transaction are always
> retried from the same IP.
I don't think making such a system hang around on a connection for 5
minutes is gaining them anything compared to having the same node in
a cluster retry again in 5 minutes.
> I think that's everything. Please let me know what you think. Is it
> feasible? What would the implementers say? Are the assumptions I've made
> bad or violating anything?
In the MTA I write, graylisting isn't just used as an anti-spam
mechanism, it is also used in combination with connection
prioritization and some other features to try and minimize the impact
of DDoS attacks. Holding connections open for significant periods of
time rather than quickly returning a 4XX response would be
incompatible with that.
Glenn.
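The cluster effect under discussion, as an added example that is not part of the thread or of either author's MTA: a minimal greylister keyed on the (client IP, sender, recipient) triplet, plus a simulation showing that round-robin retries from N cluster hosts stretch delivery to N retry intervals, while retries pinned to one IP clear after a single interval. The 300-second values, the 192.0.2.x addresses and the example.org/example.net mailboxes are constructed.

```python
"""Greylisting triplet tracker and cluster-retry simulation (added example)."""
from dataclasses import dataclass, field

MIN_DELAY = 300        # seconds a triplet must age before it is accepted (constructed)
RETRY_INTERVAL = 300   # the sending cluster's retry interval in seconds (constructed)


@dataclass
class Greylist:
    """first_seen maps (ip, sender, rcpt) -> time of the first attempt."""
    first_seen: dict = field(default_factory=dict)

    def decide(self, ip, sender, rcpt, now):
        """Return '450' (temporary failure, retry later) or '250' (accept).

        A triplet never seen before is recorded and refused immediately;
        it is accepted once it has aged at least MIN_DELAY seconds.  The
        refusal is a quick 4XX, not a held-open connection.
        """
        key = (ip, sender, rcpt)
        seen = self.first_seen.setdefault(key, now)
        return "250" if now - seen >= MIN_DELAY else "450"


def time_to_accept(hosts, attempts=10):
    """Simulate one message retried every RETRY_INTERVAL by a cluster.

    Attempt i is made from hosts[i % len(hosts)] (round-robin).  Each new
    host produces a fresh triplet, so the greylist only sees an aged
    triplet when the first host comes round again.  Returns the number of
    seconds until the message is accepted, or None within `attempts`.
    """
    gl = Greylist()
    for i in range(attempts):
        now = i * RETRY_INTERVAL
        ip = hosts[i % len(hosts)]
        if gl.decide(ip, "a@example.org", "b@example.net", now) == "250":
            return now
    return None
```

Pinning retries to one IP (`time_to_accept(["192.0.2.10"])`) accepts after 300 s; three hosts in round-robin take 900 s.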