[Top] [All Lists]

Re: Fixing graylisting [was TBR]

2007-11-13 09:46:52

John Leslie wrote:
   We could in principle accomplish that by keeping the SMTP connection
open for however long that takes; but this feels wrong to me: it's
probably cheaper for the spammer to keep a botnet connection open than
it is for me to keep TCP state for a million spams.

   The "fix" Doug and I put into TBR is to extend the time to formal
handoff, by any amount the receiving mail system may choose, which
accomplishes much of what keeping the TCP connection open would -- at
a far smaller cost (the queue of URIs could be written to disk, for
one example).


Although only a near-term, tactical benefit, greylisting directly impacts mail from bad actors. It's serious downside is that it also impacts first-time mail from good actors.

In contrast, your scheme will only be used for mail from good actors. This is exactly the mail that does *not* need to be held up. So the mechanism increases delay and at least doubles the transaction load for mail from good actors, while having no impact on mail from bad actors.

Where is the benefit, here?



  Dave Crocker
  Brandenburg InternetWorking