On Thursday 09 October 2003 5:07 pm, Richard Pitt wrote:
His initial thought was to introduce a cycle in the MTA that would
reject all unknown sender/IP address combos the first time and allow
them the second within a (relatively) short period of time (say 1 hour
or 4 hours) since most spammers either don't retry at all, or retry the
next "cycle" which may be many hours later if they are in the millions
of addresses league.
Greylisting uses (client IP/sender/recipient) tuples as the unique key.
If you don't include the recipient it will not scale well enough to handle
domains with large numbers of users.
In any case, my point was not that this would be a long-term antispam
solution since spammers will eventually improve their software.
The point was with reference to the 'global adoption strategy' of turning the
screws on non-SPF sender domains beginning on July 4th. The problem is that
if SPF does not have critical mass by then, adopters will feel the pain of
blocking non-SPF emails and therefore won't do it. Hence the stategy fails.
By having a twilight period beginning July 4th 2004, where noncompliant mail
is simply delayed rather than blocked, the pain falls more heavily on the
senders rather than the adopters, who will see thair mailqueues grow rapidly.
With a dalay increase rate of 1 hour per month, the full adoption date (ie
full blocking) can be set back to, say, July 4th 2010. By that time
non-compliant deliveries will already be taking 3 days and I can't believe
there will be many domains that have not bothered to add a few simple DNS
records by that time. Six years is a pretty long window of opportunity, even
for morons.
Of course this is non intended to prevent individual recipient domains from
blocking right from the start. It is simply a gentler way of organising the
coordinated strategy.
- Dan
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡