Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP Service Extension for Greylisting Operations
Ned Freed <ned.freed@mrochek.com> Mon, 03 February 2014 19:18 UTC
Return-Path: <ned.freed@mrochek.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71F341A01D6 for <apps-discuss@ietfa.amsl.com>; Mon, 3 Feb 2014 11:18:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.263
X-Spam-Level:
X-Spam-Status: No, score=0.263 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RP_MATCHES_RCVD=-0.535, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ppg23Jk4E7Q for <apps-discuss@ietfa.amsl.com>; Mon, 3 Feb 2014 11:18:26 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by ietfa.amsl.com (Postfix) with ESMTP id 95AD21A016D for <apps-discuss@ietf.org>; Mon, 3 Feb 2014 11:18:26 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P3X2CKJSZ4002TUD@mauve.mrochek.com> for apps-discuss@ietf.org; Mon, 3 Feb 2014 11:13:24 -0800 (PST)
MIME-version: 1.0
Content-type: TEXT/PLAIN; CHARSET="iso-8859-1"; Format="flowed"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P3UKUOF2SG0000CD@mauve.mrochek.com>; Mon, 3 Feb 2014 11:13:21 -0800 (PST)
Message-id: <01P3X2CJ52RA0000CD@mauve.mrochek.com>
Date: Mon, 03 Feb 2014 09:06:50 -0800
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Mon, 03 Feb 2014 08:30:33 -0500" <52EF99F9.1070908@isdg.net>
References: <52ED3452.7040007@isdg.net> <CAL0qLwbW=xsrLn_CFg41vy3JRO58cZX7omUhi06HeeGiYuinrw@mail.gmail.com> <52ED3F4B.6060803@isdg.net> <CAL0qLwZcrDqpES+JLzTO1ppq9eOenG10=VCg8p15UxV6wwTJXg@mail.gmail.com> <01P3WDM2RDYG0000CD@mauve.mrochek.com> <52EF99F9.1070908@isdg.net>
To: Hector Santos <hsantos@isdg.net>
Cc: Ned Freed <ned.freed@mrochek.com>, IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP Service Extension for Greylisting Operations
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Feb 2014 19:18:28 -0000
Sorry, I should have commented on the client rescheduling aspect of this in my first response. First of all, this is trivially easy for us to implement, at least in principle. All we have to do is parse out the value from the response and then make a single subroutine call. It really is just that easy with our queue manager. But as always, the devil is in the details. Obviously you can't fully trust the value you get since there are obviously ways small (or large) values could be used to enhance a service denial attack. So there have to be allowed ranges for the values. But is that enough control? I don't know if it is or not. In particular, should MT-PRIORITY be tied into this, and if so, how should it be done? (Different allowed ranges for different priorities is the obvious answer, and may be a reasonable starting point.) And then there's the message versus host issue. We have the ability to either reschedule this one message or reschedule all the messages headed to a particular host. Which one makes sense depends on what sort of greylisting is being done: Is it purely based on the sending host or is it based on some characteristics of the specific message? And before anyone says that you can determine that by the phase at which the greylisting occurs, sorry, no you can't. In my experience it's not at all uncommon for IP-level greylisting to happen as late as RCPT TO phase, and I wouldn't be surprised if it can happen at the end of data. And if you get this one wrong use of this extension could easily increase rather than decrease delivery times with greylisting schemes that penalize overly aggressive retries at the sending host level. The obvious way to address this is to add some enhanced status codes to say whether or not the retry value is intended to apply to this one message or to the sending host as a whole. But I have to wonder if people setting this up would understand the distinction, and I also have to wonder if other queue managers are capable of making use of it. And finally, we have to take the least astonishment principle into account. For whatever reason some sites obsess over the predictability of message retry intervals: Any time they see what they regard as unusual behavior in this regard, they get very excited and demand an analysis be done. Our support people then have to waste time digging in to what invariably turns out to be have a perfectly reasonable explanation: a queue backlog, an unresponsive destination, bad configuration setting, etc. etc. Unfortunately, given their obsession with delivery times such sites are likely to be first in line to enable such functionality if it is available. The possible consequences of this in terms of support time should be obvious. The bottom line is that if this is standardized, given how easy this is for us to support we'd probably implement it. But given the risks we might have to make it a restricted option, which would substantially lessen the liklihood of sites actually using it. Finally, I missed the optional nature of the GREYLIST extension. I have to say I'm not comfortable with assigning semantics to the content of a response line absent a clear indication of what the contents of that line mean. Ned
- [apps-discuss] draft-santos-smtpgrey-02: SMTP Ser… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… John Levine
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Derek Diget
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… John Levine
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Claudio Allocchio
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Salvatore Loreto
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos