Re: [exim] per recipient domain throttling

Top Page
Delete this message
Reply to this message
Author: Chris Siebenmann
Date:  
To: Jeremy McSpadden
CC: exim-users@exim.org, cks, Julian Bradfield
Subject: Re: [exim] per recipient domain throttling
> > On Aug 21, 2015, at 12:02 PM, Julian Bradfield <jcb@???<mailto:jcb@inf.ed.ac.uk>> wrote:
> > How can I throttle the number of delivery attempts to a given
> > recipient domain (NOT per MX)? Say, no more than one delivery
> > attempt every 5 minutes.
> >
> > One of my users has her mail forwarded to gmail, and since gmail
> > (correctly) recognizes that lots of it is spam, it rate-limits me
> > in my attempts to send it - and then since all of it gets re-tried
> > every time the queue is run, it takes hours or days to get back to
> > being able to send mail to gmail without delay.
>
> Did you just admit it was spam ..


Welcome to university mailer life, where you will find plenty of
(long-term) users who say 'forward all of my incoming mail to GMail, yes
I mean *all* of it, even the mail that your anti-spam system thinks is
spam'.

Sometimes this is because your users are hitting their problem with
handy but blunt tools and you can help by giving them an easy option
to eg forward all non-spam (or at least all things you think aren't
spam; GMail may disagree and frequently does for us). Sometimes this is
because your users don't trust your mail system's anti-spam work and
they want GMail to do it instead. Sometimes this is because users plain
don't trust your mail system and want your mail system to have as little
to do with their email as possible.

(Some people in industry are now saying 'just make a policy that you
can't do that'. This doesn't work at universities for any number of
reasons. If you can get the political backing to push it hard enough,
you'll find that people basically abandon using their university email
address and your professors and graduate students start just telling
people to use their GMail or whatever addresses[*].)

Our incomplete local solution is that all forwarded email that we
think is spam is shuffled off to a separate Exim server to be sent to
wherever. This server has its own queue and its outgoing IP address gets
to have its own distinct reputation, hopefully keeping our main mail
forwarding system with a better ability to get email through to places.

(Someday we may have to go to something more extreme, for example
shuffling all forwarded external email off to a separate outgoing
machine. This would at least preserve the ability of people inside the
department to promptly email other people who forward their mail to
GMail.)

    - cks
[*: Life is entirely hopeless with undergrads. Don't even bother trying.
    As a sane undergrad, there is essentially no reason you should
    use your university's email system except maybe for internal
    correspondence with professors, TAs, and the administration, and
    for getting official notices from same.
]