Prev: MIME coding for SMTP
Next: sendmail and faxes
From: Andrzej Adam Filip on 16 Apr 2008 11:44
Grant Taylor <gtaylor(a)riverviewtech.net> wrote:

> On 04/16/08 07:34, Susan Barnes wrote:
> (I'll let others more experienced with throttling answer your other
> questions.)
>
>> We might also try a very brief greetpause (say 1 second). Does
>> anyone know whether this could cause problems with legitimate MUAs?
>
> I've been running GreetPause on all my DaemonPorts for a while with
> out any problem. Globally (port 25) I'm running a 3 second GreetPause
> and internally (port 587) I'm running a 1 second GreetPause. I have
> yet to see any problems related to this other than someone asking "Why
> does <insert MUA> take about a second longer to send emails than it
> did before?". When I tell them that it is a new anti-spam technique
> that we are using they hem and haw for a few moments and then realize
> that a second wait is not really noticeable especially in comparison
> to the little spam that they do (rather the lots that they do not)
> get. I've also found that these same people don't notice the pause
> after about a week. If you want, start with a very low GreetPause and
> slowly work it up over the coming weeks. Give your users a chance to
> ease in to it.

What is you opinion about using different GreetPause for
a) DUL addresses (synamic IP ranges)
b) worse reputation nets
[e.g. L2.APEWS.org lists "the worse half" of the Internet]

--
[pl>en: Andrew] Andrzej Adam Filip anfi(a)xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/
Death didn't answer. He was looking at Spold in the same way as a dog looks
at a bone, only in this case things were more or less the other way around.
-- Terry Pratchett, "The Colour of Magic"
From: Grant Taylor on 16 Apr 2008 12:32
On 04/16/08 10:44, Andrzej Adam Filip wrote:
> What is you opinion about using different GreetPause for
> a) DUL addresses (synamic IP ranges)
> b) worse reputation nets [e.g. L2.APEWS.org lists "the worse half"
> of the Internet]

Personally I do not do that, but I see no problem with doing that. I
think doing such would be a PITA to manage. If you want to update your
(what will be complex) GreetPause configuration go for it.

Though I doubt that you will see much ROI for your trouble. I think it
would be better to set your GreetPause low and start raising it while
watching how many times it is triggered. You decide if you want to
alter it based on location or not. Keep in mind that GreetPause is
intended to cause sending systems to wait for your server's HELO
*BEFORE* the client sends its HELO / EHLO to your server. So if there
is a GreetPause that is sufficiently long enough to catch senders that
are not pausing (or are pausing in between commands regardless of reply)
I don't think raising it much higher will catch any (vary few) more
systems that are actually waiting for a reply and following SMTP state
like they should be. In short, if the sending system is willing to wait
for your HELO, I don't think it will matter if the wait is 1 second or
30 seconds or something else as the client *IS* (most likely) following
proper SMTP state which is what GreetPause is intending to catch (those
that are not playing by the rules).



Grant. . . .

 | 
Pages: 1
Prev: MIME coding for SMTP
Next: sendmail and faxes