On Sun, Feb 08, 2004 at 01:51:38PM +0000, Alan J. Flavell wrote:
> After experiencing some fairly aggressive retries (5-6 minute interval
> over a period of over 12 hours, until it was noticed and hit on the
> head) from the MTA of a major provider, I've been musing over whether
> exim has any effective defence mechanisms against such misbehaviour.
Exim doesn't, but a good algorithm is to use exponential decay to calculate
your delays. This is basically what SAUCE does.
> Sure, this is not so bad as the hopelessly-broken MTAs that repeatedly
> retry within seconds, but at least that behaviour is so extreme as to
> justify an immediate blacklisting, whereas the 5-6 minutes retries,
> although in violation of the RFC requirements, are more in the nature
> of a nuisance than a real denial of service, as long as there aren't
> too many of them at the same time.
In effect, delay=(<prev_delay> * e^(-k(<t_now> - <t_prevdelay>))) + j
where j and k are constants, that you tweak as to how much you want the
delay to work. Of course, you probably want to cap it and apply other
functions to the output of this to calculate the real delay.
Cheers
MBM
--
Matthew Byng-Maddick <mbm@???> http://colondot.net/
