ietf-smtp
[Top] [All Lists]

Re: Fixing graylisting [was TBR]

2007-11-13 13:04:37

Dave Crocker <dhc(_at_)dcrocker(_dot_)net> wrote:
John Leslie wrote:

The "fix" Doug and I put into TBR is to extend the time to formal
handoff, by any amount the receiving mail system may choose, which
accomplishes much of what keeping the TCP connection open would -- at
a far smaller cost (the queue of URIs could be written to disk, for
one example).

Although only a near-term, tactical benefit, greylisting directly
impacts mail from bad actors.

   I wouldn't describe it as "only near-term". I don't notice folks
abandoning graylisting in droves. When graylisting is used to buy time
to gather enough reputation information, its long-term benefit can be
substantial.

Its serious downside is that it also impacts first-time mail from good
actors.

   First-time email from originators who haven't yet developed a
reputation, alas, _deserves_ to be delayed.

In contrast, your scheme will only be used for mail from good actors.

   That's not as certain as you think. Many spammers seem to choose
their customers for stupidity, and such customers might well believe
that the spammer has delivered on their promise merely by delivering
the TBR. In any case, we cannot _assume_ only good actors will use
TBR.

This is exactly the mail that does *not* need to be held up.

   The world is not merely stranger than you imagine: it is stranger
than you _can_ imagine.

   The mail which "does not need to be held up" is mail from well-known
and trusted senders. Anything else may well be abusive in someone's
eyes. Hopefully, graylisting won't be applied to the first kind.

So the mechanism increases delay

   Measurably, probably; perceptibly, probably not.

and at least doubles the transaction load for mail from good actors,

   I continue to ask you for the basis of this calculation. I'm _not_
going to guess what you mean by this, Dave!

while having no impact on mail from bad actors.

   With the spam load generally acknowledged to be 90% or more, it
would be a major victory to _have_ a mechanism used only by good
actors. We could double our resources devoted to the 10%, and the
overall cost would barely twitch.

   We don't _need_ any impact on mail from bad actors beyond setting
our graylisting parameters to graylist harder when our network load
is higher -- thus giving priority to what we classify as "good actors".

Where is the benefit, here?

   There isn't only one benefit. Greylisting without encouraging a
doubling of SMTP traffic would be a benefit. Smoothing network load
by scheduling TBR retrievals would be another. There's the benefit
of having a mechanism available to those who must work from Cable
Internet addresses which are increasingly blacklisted. And please
don't forget the benefit of transferring an immutable message text.

--
John Leslie <john(_at_)jlc(_dot_)net>