Re: [exim] Exim outgoing emails throttling

Góra strony
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
Dla: exim users
Temat: Re: [exim] Exim outgoing emails throttling
David Woodhouse wrote:
> On Wed, 2012-07-25 at 07:57 +0000, W B Hacker wrote:
>> Greylisting, OTOH, gets 'in your face' when broadly applied.
>>
>> I can't see playing the game where one smacks legit arrivals on first
>> sight just on general principle, then - 'maybe' - is kind enough to
>> whitelist those who ... actually hadn't set a foot wrong in the first
>> damned place.
>
> Sounds like you haven't read the wiki page that was referenced. It
> covers this fairly comprehensively.
>
>
>
>

Did that research. And more. Implemented and tested more than one
method. Many more.

Yes, there are 'shades of grey' so to speak. 'Good' implementations as
well as careless ones.

But I still don't see those as 'right way and wrong way' to implement
greylisting.

I see them as 'unproductive' and 'less unproductive'.

Too little gain for the effort at my end, too much nuisance to others at
the far end.

Why so? You had stated:

> But if that same mail comes from a host which lacks reverse DNS, or has
> an SPF 'fail' result, *then* you might want to greylist the mail.
> Because now you *do* have a reason to consider it 'suspicious'.


I CANNOT consider those as 'suspicious'. Or anything else.

If a submission failed rDNS it was kicked off the TCP/IP teat in
acl_smtp_connect.

Gone. End of story. Nothing left to anal-ize but a brief log entry.

rDNS is a test that Exim does so well - permitting DNS records that are
convoluted, arguably imperfect, but 'close enough' - that it basically
just *does not* give rise to 'false-positives'.

A small - VERY small - LWL covers the few correspondents with badly
broken DNS that one 'just has to' accept anyway 'coz end-users demand
traffic form their kinder with badly configured servers.

Most of those would fail SPF, DK, DKIM, even SA ALSO, so the LWL
maintenance (peak was 16 lines of it here) is unavoidable.

And far less work than trafficking in multiple successive layers of
complex band-aids.

YMMV of course.

Some folks (Perkel-San) make their bones, even their living, on stats as
to how much spam they 'deal with' instead of how little they ever see at
all.

Not only have the criminal and lazy forced the complexity upon us, they
have caused us to condition ourselves to defend it as normal, necessary,
and in need of expansion.

'Blessed are they who run round in circles, for they shall be known as
mailadmins'.

Bill
--
韓家標