On Nov 12, 2007, at 8:34 AM, Tony Finch wrote:
Tony,
When the SMTP client's reputation is unknown, an SMTP server is
unlikely to Perm Error at the EHLO. Temp Errors at this point might
be used to discern whether the SMTP client keeps state, as with
greylisting. Temp errors might also be used to delay acceptance when
a spam campaign is detected as being active at an SMTP client
handling messages from both good and bad actors. TBR provides a safe
alternative to greylisting and temporary holds. TBR makes makes an
additional demand on recipient resources only in cases where the
message source is actually trusted. However, for those sources,
normal delivery can be used. When a message does get fetched, this
additional burden of TBR still represents less than that required for
other source identification schemes.
On Mon, 12 Nov 2007, John Leslie wrote:
Doug Otis and I have been working up a proposal for a SMTP
extension to shift some of the burden of spam abatement away from
the receiving SMTP servers towards the originator.
http://www1.ietf.org/mail-archive/web/asrg/current/msg12022.html
This critique does not apply for a few reasons. The sender is unable
to lie about the message source, and determining the source will not
cost the recipient additional resources. Accepting and then
processing a 512 byte message results in fewer packet exchanges than
would refusing 2 or more multi-KB messages. (At today's level of
spam, this could be estimated +20 at +8 KB.) With TBR, the recipient
is permitted to decide at anytime after receipt whether to perform a
subsequent process (fetch or store and forward). The typical
percentage of undesired versus desired email results in the added
extension being far less resource intensive. TBR offers greater
leeway in safely handling difficult cases.
-Doug