From owner-freebsd-isp@FreeBSD.ORG Fri Feb 25 16:58:41 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E52F316A4CE for ; Fri, 25 Feb 2005 16:58:41 +0000 (GMT) Received: from obh.snafu.de (obh.snafu.de [213.73.92.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6DD7843D48 for ; Fri, 25 Feb 2005 16:58:41 +0000 (GMT) (envelope-from ob@gruft.de) Received: from ob by obh.snafu.de with local (Exim 4.44 (FreeBSD)) id 1D4inY-0004Jm-JY for freebsd-isp@freebsd.org; Fri, 25 Feb 2005 17:58:40 +0100 Date: Fri, 25 Feb 2005 17:58:40 +0100 From: Oliver Brandmueller To: freebsd-isp@freebsd.org Message-ID: <20050225165840.GC70464@e-Gitt.NET> References: <20050223110037.177AB43D2F@mx1.FreeBSD.org> <421C65CA.9060606@adamstudios.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Qxx1br4bt0+wmkIi" Content-Disposition: inline In-Reply-To: <421C65CA.9060606@adamstudios.com> User-Agent: Mutt/1.5.8i Sender: Oliver Brandmueller Subject: Re: SpamAssassian with FreeBSD and Big Mail Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Feb 2005 16:58:42 -0000 --Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi. On Wed, Feb 23, 2005 at 12:15:22PM +0100, Randy Adamczyk wrote: > do you receive a _lot_ of spam? if you are running into recource > problems because of spam, you should look into greylisting: >=20 > http://www.greylisting.org/ > http://projects.puremagic.com/greylisting/whitepaper.html >=20 > greylisting for exim + spamassassin: > http://greylisting.org/implementations/sa-exim.shtml >=20 > i use greylisting with postfix, spamassassin and virus-scanners with > amavis-new. spamassassin hardly has any work to do since i implemented > greylisting. And when doing things greylisting, please try to see both sides. Since people tend to see only their side, I will now describe the=20 medium-sized-ISP side of things. Well, everyday life. Spam of course also hit's our servers and due to=20 legal things we cannot just filter every incoming mail. Queues are=20 around 5000 mails. That's OK with our hardware. Then, one day, someone invented greylisting. Great idea. Since=20 especially universities and other organizations like this have adopted=20 it, his means that quite a lot of mails go to servers with greylisting.=20 Queues have grown since then. 10000 per server average is what we see=20 now. The problem here is, that in theory the server tries again after 5=20 minutes and gets the mail delivered. The real side of the problem is:=20 The bigger the queues are, the more time it takes until you come up with=20 the same mail again. So mail takes not 30 seconds to arrive,not 5=20 minutes like greylisting theory, but maybe half an hour. That's already=20 a value some customers complain about. Now people without the slightest=20 idea what they are doing start to implement greylisting. They get the=20 connection from 123.123.123.1 the first time and send their temporary=20 error. Fine. The queue runner on 123.123.123.7 picks up the mail next=20 time. Temporary error, because the .1 is currently allowed to send the=20 mail. OK, second temporary error. Mail stored in lower prio, next=20 delivery attempt in one hour. And so on. Greylisting makes a lot of trouble at big sites. And mens longer and=20 sometimes very delivery times for mail. Great idea, yeah, spread that to the world, maybe the day will come,=20 when snailmail is faster... - Oliver --=20 | Oliver Brandmueller | Offenbacher Str. 1 | Germany D-14197 Berlin | | Fon +49-172-3130856 | Fax +49-172-3145027 | WWW: http://the.addict.de/ | | Ich bin das Internet. Sowahr ich Gott helfe. | | Eine gewerbliche Nutzung aller enthaltenen Adressen ist nicht gestattet! | --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCH1lAiqtMdzjafykRAtxUAJ0cmzTWBuVb4ulGB0+3/I3Za+lpGgCfW0GH ihxiCeIG5Sbr9yG0KlnNruU= =HVQ/ -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi--