Dave Crocker wrote:
Although only a near-term, tactical benefit, greylisting directly
impacts mail from bad actors. It's serious downside is that it also
impacts first-time mail from good actors.
Which can be minimized, to a near "unfelt" impact by simple fine tunning
of SMTP router/sender frequency tables, in particular the 2nd attempt.
RFC-2821 currently recommends/states:
188.8.131.52 Sending Strategy
The sender MUST delay retrying a particular destination after one
attempt has failed. In general, the retry interval SHOULD be at
least 30 minutes; however, more sophisticated and variable strategies
will be beneficial when the SMTP client can determine the reason for
The insights were laid out for variable (time/retry) strategies, making
it possible for Greylisting to work with minimal to no significant impact.
It is when you (speaking in general) are setting there waiting or
expecting a message, and it doesn't arrive is what raises the hair of
people. But most people just press the "send" button and while they
might expect "instant" send off because they know how their own mail
system works, they won't be surprise if there isn't instant reception
because they can't presume to know how the remote end works. The same
concept applies in telecommunications flow controls designs.
I was really skeptical of GL, but when it was implemented right with
proper fine tuning of SMTP to minimize impact, it is really one of those
Ronco's "Set it and Forget it" ideas. :-)
My recommendation for 2821bis is to include some insights about or how
"variable strategies" plays a bigger roles these days and in fact, might
be almost an "necessity" for improved modern operations these days -
thats dealing with the realities we have out there. Even if I didn't
want to incorporate GL into our own system, the sending retry strategies
had to be reconsidered due to increased remote GL systems.
My 2 pennies.
Hector Santos, CTO