Home » Learning Curve » Red Hat Diaries
20060125,00
Graylisting.
The gurus of the net have come up with a great new idea. It's called graylisting.
<http://projects.puremagic.com/greylisting/whitepaper.html>
Maybe you've seen mail being returned with the message 'this could not be delivered, will try again'. That's probably graylisting, says Robin.
According to the above white paper, graylisting is very simple. It looks only at three pieces of information called a 'triplet'.
1. The IP address of the host attempting the delivery.
2. The envelope sender address.
3. The envelope recipient address.
And the rule is: if you've never seen that triplet before, refuse the message.
Right away you know this is a good idea, because it basically doubles traffic for a while. And as it's traffic that makes our ISP costs rise, we can be in worse trouble than ever. So right away you know you're onto something special.
Graylisting's refusals are temporary only because spammers will not normally be able to retry a send and malware won't either whereas legitimate SMTP will. But of course this increases traffic to the absurd.
Then let's again reflect on the fact that mail-borne viruses invariably come from fucking Microsoft Windows machines, so once again the entire Internet - and that means you who are smarter than to use Windows - are paying for what that wanker Bill Gates is doing.
The processing overhead is minimal, the white paper points out. The filtering is not Bayesian - it does not look at the contents of the message, only the triplet. Of course triplets have to be added to a database which is kept online at all times. And then considering we have four billion IPs in the world with 32-bit IP and who knows how many tens or hundreds of billions of mail addresses, we get a database of a considerable size.
A database maintained by every server that's implementing graylisting.
'Since the Greylisting method delays acceptance of unknown mail, that will generate a little more work for the sending MTA of legitimate mail', the white paper points out and goes on to comment:
'The flip side is that it generates a lot more work and smarts for the spammer's systems, hopefully enough to make the costs of spamming higher, possibly even to the point of making spamming unprofitable for some of them.'
Now while it's admirable to try to reduce the amount of spam - as long as the W3C can't get their fat arses off the ground and do something about the abysmal SMTP - it's once again yet another case of making the good guys pay for the transgressions of the evil few. And today most spam is virus-laden anyway, and we all know where those viruses come from.
Redmond Washington.
'There should never be a false positive!' boasts the white paper. OTOH ordinary innocent mailboxes are inundated with the 'could not send message' junk which is just as bad as spam itself. Some solution, guys.
So if all of a sudden you start seeing these idiotic messages, you know whence and why they probably came: gurus are at work again and Bill Gates still refuses to clean up his act.
Anyone claiming Bill Gates hasn't ruined the neighbourhood should be taken out and shot.
PS. Now if the US could just stop misspelling words like 'gray' all the time. Of course we'd also have to teach them to stop saying 'uh' and 'um' all the time because they're not real words either.
|