Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP Service Extension for Greylisting Operations
Hector Santos <hsantos@isdg.net> Tue, 04 February 2014 20:45 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F20C41A010F for <apps-discuss@ietfa.amsl.com>; Tue, 4 Feb 2014 12:45:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.001
X-Spam-Level:
X-Spam-Status: No, score=-102.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4TiMl8Ye1r98 for <apps-discuss@ietfa.amsl.com>; Tue, 4 Feb 2014 12:45:05 -0800 (PST)
Received: from ntbbs.santronics.com (ntbbs.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id A02E21A01A6 for <apps-discuss@ietf.org>; Tue, 4 Feb 2014 12:45:01 -0800 (PST)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=4599; t=1391546690; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=1JlReUnMGpoago0o+dTfzMCuO/0=; b=V61jY4yrEqla7oEWTfmc r9N3KoBnUgNb1jSY0eXxjjHKDv7Ylfq53SaeuGKcByoe+IpXTJjQZFcmTH6tCB3l VSsN1oOnsAa0R4bRjIj+gqO0JTF3B9kftPxxZ2IgWnErNS9YLYraK5zeofxhmyzk MS3yNgih51VLgABguRs+fiA=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for apps-discuss@ietf.org; Tue, 04 Feb 2014 15:44:50 -0500
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from opensite.winserver.com (beta.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 829172278.11693.1980; Tue, 04 Feb 2014 15:44:50 -0500
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=4599; t=1391546090; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=VucTxnr InKtS9Wkpus4Vt9JdNyUDsGqI+7xzrZoJJjg=; b=AOesYAvbqa6YWzwA6VRAq4G d7MhvCtMfY+Kja9OICzNVwPzH+jlIsyzUj8MZDYnvLW7Lth1NfM1ObG3CcQL2MIG RSnmOgt1W9OfmlipMdSesK1ZiAgGndjUNMg+BY2PUNXVKs25FZBXj82N0EML1eqJ eVAKm2mW4ejDrDuZ/iq4=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.4) for apps-discuss@ietf.org; Tue, 04 Feb 2014 15:34:50 -0500
Received: from [192.168.1.2] ([99.121.4.27]) by beta.winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 275469256.9.9644; Tue, 04 Feb 2014 15:34:49 -0500
Message-ID: <52F15142.3080009@isdg.net>
Date: Tue, 04 Feb 2014 15:44:50 -0500
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: apps-discuss@ietf.org
References: <20140204193312.56742.qmail@joyce.lan>
In-Reply-To: <20140204193312.56742.qmail@joyce.lan>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP Service Extension for Greylisting Operations
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Feb 2014 20:45:10 -0000
On 2/4/2014 2:33 PM, John Levine wrote: >> I don't think this is an argument for or against standardization, however. The >> overarching goal of improving timely delivery of mail trumps the cost of >> dealing with the obsessions some sites have. IMO this protocol needs to be >> assessed almost entirely on the basis of whether or not it improves the >> situation surrounding greylisting. > > In my experience, the amount of real mail that is delayed at all by a > reasonable greylister is insignificant. This spec only attempts to document the basic framework of greylisting based on [HARRIS] and also offers a method to minimize GLS (GreyListing Server) forced client mail delivery delays. > Once you know that an IP has successfully retried, there's no point in > further greylisting, so you add it to the greylist whitelist (pale > grey list?) It might be good if the growing amount GLS out there would permanently IP whitelist the sender from future unnecessary GL based delays. However, this is not generally the case. SMTPGREY includes a concept of an expiration period which was part the original 2003 [HARRIS] greylisting specification where most systems, if not all, were based on. So its more of a temporary whitelisting concept. Your suggestion would be this make this a permanent whitelist. I think this would be local level policy idea for GL implementators to offer to operators -- make it optional. GL can help feed into these additional automated white listing intelligence. Perhaps also couple it with a DKIM signature requirement before it can get pass a greylist requirement. I think these considerations could be part of an appendix, but not the basic protocol. I will venture that most systems that have implemented Greylisting has done so with plug and play fashion, using best establish values for blocking and expiring. There is much experiences in these values and the values have worked out of the box. Operators don't usually adjust the defaults. But if they have, that would be something to learn about. > This means that the only non-bot mail that gets > greylisted is the first one or two from an IP that hasn't sent mail > before, and that just isn't very many IPs or very much mail. It's > certainly not worth a new SMTP extension and extra state in mail > servers. None of this is a problem -- it is an optimization to minimize mail delivery delays that is increasingly caused my GL servers. With bulk transmissions, there are more IP congestion/load limits and following retry hints has helped remove some of the randomness in retry/bulk mail delivery delays. Its not a problem because retry/bulk strategies are necessary w/o greylisting. SMTPGREY addresses a certain portion of the temporary rejection spectrum that do cause mail delivery delays by design. The mail will get out eventually, maybe after 3-5 wasted attempts over long extended mins, even hours. SMTPGREY has proven to show to cut all waste to the bare minimum, which can be an extra retry at the lowest possible time offered by the server. Keep in mind NULLMX proposal is not a problem and we about to take on this work as a standard. In fact, if NULLMX, why not SMTPGREY while we are in a SMTP CHANGE mode mindset. One suggest a successful MX lookup with PREFERENCE=0 as a means to remove a queued item from the outbound queue and immediately activate a bounce process. The other suggest a RETRY HINT from the temporary rejection GL server as a way to override the next delivery attempt time with a shared client/server handshake time value. Both are good ideas to do help improve with mail delivery and queuing strategies. > I realize there are extreme greylisters that greylist everything on > the theory that a mail server might be sharing its IP with a bot, or > if they wait long enough the sender will show up on a blacklist, or > something. That's certainly not a basis to standardize anything. This proposal attempts to not deal with the poor implementations of greylisting. It uses [HARRIS] as the original method most GL systems are based on to document the basic framework and its options available. SMTPGREY deals with what exist in the market place - a higher degree of hitting HARRIS-like GL servers with temporary rejections and many of the different GL servers already provide a Retry Hint which client can leverage. -- HLS [HARRIS] Harris, E., "The Next Step in the Spam Control War: Greylisting", 2003, <http://projects.puremagic.com/ greylisting/whitepaper.html>.
- [apps-discuss] draft-santos-smtpgrey-02: SMTP Ser… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… John Levine
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Derek Diget
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… John Levine
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Ned Freed
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Murray S. Kucherawy
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Claudio Allocchio
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Salvatore Loreto
- Re: [apps-discuss] draft-santos-smtpgrey-02: SMTP… Hector Santos