On 8/11/2010 8:30 AM, ned+ietf-smtp(_at_)mrochek(_dot_)com wrote:
Completely agree for several reasons, including that the only senders
that take advantage of "as fast as you can process" scenarios are
spammers. If I take a second or two to accept a message from a legit
sender they neither know nor care. But to a spammer, the faster we
receive and delivery the more mail gets through before a content filter
or blocklist can update. We saw this happen when we migrated to our
current system 3 years ago. Spam was delivered at many hundreds of
times faster than mail from AOL, Hotmail and Gmail combined. Responding
as quickly as my system will allow with<CRLF>.<CRLF> helps no one I
want to help.
You know, that's very nicely put. I'm going to use that last line the next time
this comes up.
Isn't this effectively a form of greylisting?
I've seen mixed results with greylisting, given that some legit senders have
SMTP clients that are, well, problematic. (Nearly lost a consulting gig because
the initial query note got mishandled from greylisting.)
In any event, to the extent it's good to add some delay, the question is how
much. The other question is why this is good for long-term -- since
specifications last for a decade or two -- and that bad actors won't simply
adapt as the behavior becomes institutionalized.