[95779] in North American Network Operators' Group
Re: Blocking mail from bad places
daemon@ATHENA.MIT.EDU (Chris Owen)
Tue Apr 3 13:55:56 2007
In-Reply-To: <46128CB3.3080708@thomasleavitt.org>
Cc: michael.dillon@bt.com, nanog@merit.edu
From: Chris Owen <owenc@hubris.net>
Date: Tue, 3 Apr 2007 12:45:53 -0500
To: Thomas Leavitt <thomas@thomasleavitt.org>
Errors-To: owner-nanog@merit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Apr 3, 2007, at 12:19 PM, Thomas Leavitt wrote:
> The current situation with email is flat out insane. There is no
> other way to describe it.
I'd agree that the situation is bad but certainly not
uncontrollable. We've had very good success keeping spam in check
with a number of technologies while not really having too many
problem with false positives. The last 6 months have been
particularly nice. About that time we expanded our greylisting
policy and that alone has made a dramatic difference. At one point
before doing any greylisting we were accepting about 500,000 messages
a day and delivering about 30,000. Now we accept about 80,000 and
deliver about 25,000. That's a much, much more reasonable ratio.
Really I don't think we are being very aggressive with our
greylisting either. We currently greylist IP addresses on a handful
of RBLs and ones that lack valid reverse DNS. The greylist only
applies for 5 minutes and then we allow the mail through. That 5
minutes though makes all the difference in the world. We've had 2-3
senders complain (mostly about invalid reverse DNS) but really I'm
fine with "fix your shit" for an answer to those people. If they
can't then they can just wait the 5 minutes with all the other unwashed.
Will spammers adapt? Sure. We've already seen stock spammers who
are retrying at 5 minutes to the second. However, this is one of
those issues where the cost of adapting may just be to high most of
the time. Probably easier to just go after the weaker targets.
My other theory on this is that if spammers really do adapt to
greylisting, then they will have no choice but to actually start
caring about bounces and clean their mailing lists. If they don't
then they just won't be able to keep up with all the queued mail.
Getting them to clean up their lists in itself would be a more than
minor victory.
Chris
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Chris Owen ~ Garden City (620) 275-1900 ~ Lottery (noun):
President ~ Wichita (316) 858-3000 ~ A stupidity tax
Hubris Communications Inc www.hubris.net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
iD8DBQFGEpLRElUlCLUT2d0RAtDVAKCilqRm5LlGOu0z19Z+5PyWLA2QSgCfas+A
bCbab8uLdYtPG9XT7FgbPBM=
=U9Nw
-----END PGP SIGNATURE-----