Re: We need an IETF BCP for GREY LISTING

2011-10-25 13:32:20

Hector wrote:

I.e. why does it help that someone gives the hint "gray listed in 5 minutes" but the gray listing is 7, instead of today when no hints are done at all (in a parseable way)?

I personally do not think this is a reasonable objection for the reasons stated above. An intentional lie doesn't do anything more than to hurt yourself and probably more so than the MTA.

Nonetheless, it probably should be noted very strongly in the proposed spec that an MTA be watchful of liars who are wasting everyone's time with false retry=time hints.

For the next draft, section 3.1.2, SMTP Client Implementation, now has SHOULD|MUST|MAY [NOT] language. I just added the last paragraph regarding erroneous retry=time hints by servers.

   3.1.2.  SMTP Client Implementation

   NEEDS REVIEW: If an SMTP server offers a retry=hint which results in a
   wasted 2nd attempt and requires additional attempts, the SMTP client
   MAY begin to ignore the server's retry=hints after the 2nd wasted
   retry. The SMTP client implementation can decide what limits to place
   on honoring retry=time hints and wasted attempts it provides.

Does this satisfy your concern?

The goal of the SMTP greylist extension is to address the current wasted attempts and delayed delivery times by offering a method to move the waste to the lowest impact boundary, which is expected to be two attempts at most, by leveraging server retry=time hint information. If the 2nd attempt fails, that could mean other reasons besides an "Intentional Liar." I believe the MTA will need to be watchful that the rescheduling adjustments using retry=hint do not actually cause additional attempts beyond two. While it's possible that a liar can exist, I don't see any value why it would exist unless it was 100% malicious in nature, i.e. a Greylist Honeypot per se, or any server for that matter that might also reject no matter what.

Regardless of the server reasons, the MTA using the retry=hint can simply limit its usage to the 2nd attempt only, and if that doesn't help, then it's back to square one with that particular server, which is more than likely a stupid server anyway that you should stay away from.
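The client-side policy described above (honor a server's retry hint, count hint-driven retries that are still deferred as "wasted", and stop trusting that server's hints after the 2nd wasted retry, falling back to a conventional backoff schedule) can be sketched as a small per-server scheduler. The code below is an added illustration, not code from the draft or from any MTA; the `retry=<seconds>` reply syntax, the `DEFAULT_BACKOFF` values, the `MIN_DELAY` floor and the `MAX_WASTED_HINTED_RETRIES` limit are all assumptions chosen for the example, and the reply lines fed to it are constructed.

```python
import re
from dataclasses import dataclass

# Conventional fallback schedule (seconds) used when no hint is present or the
# server's hints are no longer trusted. Constructed values, not from the draft.
DEFAULT_BACKOFF = [300, 900, 3600, 14400]
# Stop honoring a server's hints after this many wasted hint-driven retries
# (the draft text says "after the 2nd wasted retry"). Assumed policy value.
MAX_WASTED_HINTED_RETRIES = 2
# Never retry sooner than this, even if a server hints at a tiny value,
# so a lying server cannot turn the client into a tight retry loop. Assumed.
MIN_DELAY = 60

# Assumed hint syntax: a 4xx reply whose text carries "retry=<seconds>".
HINT_RE = re.compile(r"\bretry=(\d+)\b", re.IGNORECASE)


def parse_retry_hint(reply: str):
    """Return the retry hint in seconds from a 4xx reply, or None if absent.
    Hints in non-4xx replies are ignored: only a temporary failure can carry one."""
    if not reply.startswith("4"):
        return None
    m = HINT_RE.search(reply)
    return int(m.group(1)) if m else None


@dataclass
class ServerState:
    attempts: int = 0              # delivery attempts made to this server
    last_was_hinted: bool = False  # was the previous retry scheduled from a hint?
    wasted_hinted: int = 0         # hint-driven retries that were deferred again
    trust_hints: bool = True       # flips to False once the wasted limit is hit
    status: str = "pending"        # pending | delivered | bounced


class RetryScheduler:
    """Per-server retry policy: honor retry hints until they prove unreliable."""

    def __init__(self):
        self.servers = {}

    def on_reply(self, server: str, reply: str):
        """Record the reply to one delivery attempt and return the number of
        seconds until the next attempt, or None when no retry is due
        (delivered on 2xx, bounced on 5xx)."""
        st = self.servers.setdefault(server, ServerState())
        st.attempts += 1
        if reply.startswith("2"):
            st.status = "delivered"
            return None
        if reply.startswith("5"):
            st.status = "bounced"
            return None
        if st.last_was_hinted:
            # The server told us when to come back, yet it deferred us again:
            # that hint-driven retry was wasted.
            st.wasted_hinted += 1
            if st.wasted_hinted >= MAX_WASTED_HINTED_RETRIES:
                st.trust_hints = False
        hint = parse_retry_hint(reply)
        if hint is not None and st.trust_hints:
            st.last_was_hinted = True
            return max(hint, MIN_DELAY)
        # No usable hint: fall back to the client's own schedule.
        st.last_was_hinted = False
        idx = min(st.attempts - 1, len(DEFAULT_BACKOFF) - 1)
        return DEFAULT_BACKOFF[idx]


def simulate(server: str, replies):
    """Drive one scheduler through a constructed reply sequence; return the
    list of computed delays and the final per-server state."""
    sched = RetryScheduler()
    delays = [sched.on_reply(server, r) for r in replies]
    return delays, sched.servers[server]


if __name__ == "__main__":
    # Honest greylister: one hinted retry, then accepted.
    print(simulate("mx-honest.example", ["451 4.7.1 Greylisted, retry=300", "250 2.0.0 OK"]))
    # Server whose hints never pan out: after the 2nd wasted retry the client
    # stops listening and uses its own backoff.
    print(simulate("mx-liar.example", ["451 4.7.1 retry=30"] * 4))
```

Because the scheduler keys state per server, a single unreliable peer cannot degrade how the client treats every other server's hints, and the `MIN_DELAY` floor bounds the worst case even while a hint is still trusted.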