[Top] [All Lists]

Re: We need an IETF BCP for GREY LISTING

2011-10-12 09:31:31


Yes, for some systems, GL seem to have become part of their existing load management (or the other way around). So the retry hint can be (optionally) implemented as part the servers overall management. That would be certainly something to consider for our own system which is currently separate. The load management is inherent part of the C/C++ SMTP receiver, and the Greylisting is an add-on p-code component hook into the DATA state. The scripting language has inherent API access the SMTP setup so this would be easy. The C/C++ receiver can read the wcGreyList.INI too, so its all doable here. Thanks for this reminder. :)

Yes, a simple structured BCP response with keyword (retry: or retry=) to key in on is all that is needed.

Real Bad guys will never follow anything and that is what GL helped protect against. But even if some bad guys adapt from this, so what? As long as they had a normal MTA following SMTP retry recommendations, they will never have an issue anyway. I don't see any downside to this.

Thanks Paul.


Paul Smith wrote:

Having thought about this a bit, I can't see any problem with a BCP or even with the server saying 'try again in 5 minutes' (or whatever)

Yes, you may say that this will help spammers - well, if spammers are able/willing to 'try again in 5 minutes', they will already be doing so, thus getting around greylisting. If they aren't (for whatever reason), then they'll probably also ignore the 'try again in 5 minutes' response.

They obviously know about greylisting, so apparently many have decided not to bother with it for some reason. Why would telling them the retry time make them change their minds about this?

However, the 'try again in 5 minutes' information will help legitimate senders/receivers who want to take advantage of the feature, so it has a definite up-side, and a dubious down-side. As previously mentioned, the 'try again in 5 minutes' response doesn't need to be limited to grey-listing but could be used for load management as well.

It wouldn't even need to be much, just respond

421 4.2.x [retry:300s] connection refused for now. Try again later

it wouldn't interfere with MTAs which don't understand it, and would give a hint to those which do.