It appears that Andy Bradford <amb-sendok-1664228910.kbfabenlkjeidojhkdch@bradfords.org> said:
>Thus said George Georgalis on Sat, 27 Aug 2022 11:47:19 -0700:
>
>> I don't like the idea of greeting delay, imagine if all smtp did that?
>
>This might shed a different light on the matter:
>
>http://www.armory.com/~spcecdt/spamware/
>
>As far as what would happen if all SMTP did that? It would likely have
>minimal impact on legitimate senders.
Adding an extra 90 seconds per connection? That would have a huge
effect, considering that a typial SMTP session is something like 10
seconds. I suppose if you only do it on generic-looking PTRs that is a
small fraction of legit senders 90 seconds is silly.
This seems to be a chronic problem with techniques like greylisting or
greet-pause, people imagine that if some of it is good, more is
better. My greylister only delays connections from IPs that have never
successfully retried before, and accepts a retry from anything in the
/24 for IPv4 or the same /64 for IPv6. It catches a lot of spamware
and I do not believe it would be any more effective it if were a lot
more aggressive or did it on every message, while I would lose a lot
more mail and subject my users to delays.
A greet pause of 10 seconds would be as effective as 90 seconds, and
there is no point to doing it on any IP that has waited on previous
connections.
R's,
John
>Thus said George Georgalis on Sat, 27 Aug 2022 11:47:19 -0700:
>
>> I don't like the idea of greeting delay, imagine if all smtp did that?
>
>This might shed a different light on the matter:
>
>http://www.armory.com/~spcecdt/spamware/
>
>As far as what would happen if all SMTP did that? It would likely have
>minimal impact on legitimate senders.
Adding an extra 90 seconds per connection? That would have a huge
effect, considering that a typial SMTP session is something like 10
seconds. I suppose if you only do it on generic-looking PTRs that is a
small fraction of legit senders 90 seconds is silly.
This seems to be a chronic problem with techniques like greylisting or
greet-pause, people imagine that if some of it is good, more is
better. My greylister only delays connections from IPs that have never
successfully retried before, and accepts a retry from anything in the
/24 for IPv4 or the same /64 for IPv6. It catches a lot of spamware
and I do not believe it would be any more effective it if were a lot
more aggressive or did it on every message, while I would lose a lot
more mail and subject my users to delays.
A greet pause of 10 seconds would be as effective as 90 seconds, and
there is no point to doing it on any IP that has waited on previous
connections.
R's,
John