On Thu, 8 Sep 2005, Stuart D. Gathman wrote:
> FWIW, our base email bandwidth is 56K bits/sec - this is how much we consume
> rejecting 30000+ bogus connections per day in SMTP envelope, with
> no actual legitimate mail getting transferred. If I limit the connection
> rate, then the latency for legitimate mail goes up by 5 or 10 minutes (I
> know, big deal, but customers complain).
>
> WILD IDEA
>
> I had this kooky idea. Suppose I designate port 25 as the "bulk rate"
> email port, and limit the connection rate. Then I designate another
> port, say 587, as the "first class" email port.

You've just described the justification for migrating to SMTP TLS as I
heard it a couple of years back. It's all available in most new versions
of SMTP software and BTW the port number for it has been assigned and
is not 587 but 465. No, it has not caught up in great numbers yet...

The only thing somewhat new in your "WILD IDEA" is using throttling
on port 25 at the same time as promoting SMTP TLS use. Also not
anything new, but unfortunately throttling has the big disadvantage of
rejecting legitimate emails unconditionally ...

A better solution might be some form of greylisting where at the
connection level the server lets the other server know it supports and
*prefers* TLS and the client has the option to immediately connect
either at SMTP TLS port 465 or at port 25 with STARTTLS and proceed
from there (rather than try again in 6+ hours with regular SMTP).

--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
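
The TLS-preferring greylist suggested in the reply above, written out as an added example that is not part of the original message or of any mail server's code. The class name, the (client IP, sender, recipient) key and the wording of the 451 reply are assumptions; the 6-hour delay is the retry wait the message mentions.

```python
import time

RETRY_DELAY = 6 * 3600  # seconds; the "6+ hours" retry wait mentioned above


class TlsPreferringGreylist:
    """Greylist plaintext SMTP, let TLS sessions through immediately."""

    def __init__(self, retry_delay=RETRY_DELAY, clock=time.time):
        self.retry_delay = retry_delay
        self.clock = clock  # injectable so the demo can use a fake clock
        self.first_seen = {}  # (client_ip, mail_from, rcpt_to) -> first attempt time

    def check(self, client_ip, mail_from, rcpt_to, port, tls_active):
        """Return (smtp_code, text) for the RCPT TO stage of one session."""
        # Implicit TLS on 465 or a completed STARTTLS on 25 skips the greylist.
        if port == 465 or tls_active:
            return 250, "OK"
        key = (client_ip, mail_from.lower(), rcpt_to.lower())
        now = self.clock()
        seen = self.first_seen.setdefault(key, now)
        remaining = self.retry_delay - (now - seen)
        if remaining <= 0:
            return 250, "OK"  # plaintext sender retried after the delay
        # Temporary failure: a real MTA queues and retries; the text carries the hint.
        return 451, ("4.7.1 Greylisted for %d s; TLS preferred, retry now "
                     "with STARTTLS or on port 465" % remaining)


def demo():
    """Replay constructed sessions against a fake clock; return the reply codes."""
    t = [0.0]
    gl = TlsPreferringGreylist(clock=lambda: t[0])
    args = ("192.0.2.10", "a@example.org", "b@example.net")  # constructed sample
    codes = [gl.check(*args, port=25, tls_active=False)[0]]  # first plaintext try
    codes.append(gl.check(*args, port=25, tls_active=True)[0])  # same client, STARTTLS
    t[0] = 3600
    codes.append(gl.check(*args, port=25, tls_active=False)[0])  # retry too early
    t[0] = RETRY_DELAY
    codes.append(gl.check(*args, port=25, tls_active=False)[0])  # retry after delay
    return codes


if __name__ == "__main__":
    print(demo())
```

Unlike plain throttling, the plaintext path here only delays mail with a temporary 4xx reply, and a sender that can do TLS is never delayed at all.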