* Adrian 'Dagurashibanipal' von Bidder (avbidder@fortytwo.ch) wrote: > On Friday 26 November 2004 03.34, Stephen Frost wrote: > > * Adrian 'Dagurashibanipal' von Bidder (avbidder@fortytwo.ch) wrote: > > > <plug> > > > And, of course, postgrey as the very first line of defense. > > > </plug> > > > Coupled with the usual checking on HELO (blocking 'localhost' HELOs and > > > my own IP does wonders!), SMTP protocol conformance (pipelining), > > > sender (envelope) address checking. > > > > Things which increase the load on the remote mail servers are *bad*. > > That would include responding with temporary errors unnecessairly and > > adding unnecessary delays in communication. pipelining by itself isn't > > necessairly terrible- adding things like 2 minute delays is bad though. > > I'm happy to queue my outgoing email if the remote end uses greylisting, as > I expect the remote site to queue my incoming mail with my greylisting. That's nice, obviously you don't handle much mail. > Add to the the fact that amongst the mail senders big enough so that the > queue size matters are probably many of those ISPs with badly policed > (DSL/cable) network, operating the spam zombies which cause me to use > greylisting in the first place... That's a *terrible* and just plain stupid assumption. Queue size makes a difference to me, both on a machine I run for some friends and in the part-time work that I do for a small ISP (which, hey, doesn't even provide DSL or cable modem service). Queue size matters to universities who are draconian about their policing, and I'm sure it matters to the 'good' ISPs too. Let me tell you that if you use that greylisting crap against the servers that *I* run your mail will get dumped into a secondary queue which is processed at a much slower rate. I won't slow things down for others because of a few idiots who can't figure out how to configure their mail servers. > About pipelining: what postfix does is enforce proper use of pipelining: the > sender may only start pipelining requests when it has actually seen that > postfix does support pipelining. Regular mail servers never notice this, > but some stupid spammers just push the request out without waiting for > responses at all - these are rejected. That'd be why I said that pipelineing isn't really an issue but adding in random unnecessary delays is bad, which is something that's been advocated in a number of places and ends up increasing the load on my mail servers. Stephen
Attachment:
signature.asc
Description: Digital signature