[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: greylisting on debian.org?

This one time, at band camp, Magnus Holmgren said:
> On Sunday 16 July 2006 04:35, Thomas Bushnell BSG took the opportunity
> to write:
> > Stephen Gran <sgran@debian.org> writes:
> > > I suggest that when we find a domain that sends mail from 120
> > > /27's (roughly a /20), we worry about it then.
> >
> > An excellent strategy.  
> I think so. How many systems (aside from the "big ones" like MSN,
> Gmail, ..., which are generally known) do you estimate would be
> affected? At most sites outgoing messages stay with the same host
> until delivered, except after the initial delivery attempt a
> temporarily failed message may be passed to a "secondary" MTA.

It's not uncommon for big sites to have pools of high throughput
machines that don't have qrunners, and larger pools of machines that do.
The first group gets a message, and tries to deliver immediately, and
any temporary failure gets the messages shunted to the secondary pool.
Once in the secondary pool, it can be bounced from machine to machine
to load balance queue size and so on.

That being said, the original query about this was a strawman argument
designed specifically to find a problem, and I would say fairly
confidently we don't need to worry about this.  I have analyzed the logs
on mail servers I have access to, and I cannot find any site which passes
a message between more than a half dozen or at most a dozen IP addresses
before delivery.  This is two or three orders of magnitude less than
the kind of thing Thomas and others are concerned about.  By the time
sites big enough to use pools that big exist (which I actually doubt -
scalability might just be too hard to manage to be worth it), greylisting
will be another dead tool in the arms race with spammers.

So far, all the arguments against the idea have just been assertions and
strawmen.  Unless someone can present a serious argument, can we
consider this thread done?

Take care,
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |

Attachment: signature.asc
Description: Digital signature

Reply to: