On Thu, Mar 17, 2005 at 10:59:19AM +0100, Mads Martin Joergensen wrote: > So if any of you are running lists on sendmail and want to use VERP as > well, you might want to have a look at the work Andreas Barisan did. > He's using mlmmj with verp enabled sendmail:
Seeing as I'm just running into a lot of VERP problems I thought I'd see what experience other list managers are having. I'm implementing greylisting for users at Keele as an anti-spam measure. http://projects.puremagic.com/greylisting/ A quick description of greylisting is that a mail server takes a look at the sender address and recipient address and the IP number of the sender and takes a look to see if that combination has been seen before. If it hasn't then a temporary failure code is returned to force the sending mail system to retry at a later date. This block remains in force for an hour. After an hour the mail system will then accept the mail and whitelist the sender, recipient and IP triplet for about a month. If that triplet is seen again then the whitelist is extended each time. The idea being that if there's normal traffic between two mail addresses then they quickly become whitelisted and no further delays occur. It has a high success rate as it neatly stops all the current spam software running on PC's as they (at present) do not have queue enabled MTA's and so never retry a temporary failure. If they do develop queue enbaled software then we still win because we have roughly 1 hour to detect a spamming PC and get it on an RBL before they call back to our mail server. If spammers start using ISP's to spam from to get a queuing mechanism then they will end up on spamcop and we block them there. The problem with greylisting is that VERP enabled mailing lists always fall foul of the greylist and never get themselves whitelisted. Normal mailing lists like mailman do not have this problem and very quickly become whitelisted. As I've implemented greylisting it has become obvious that there are quite a few VERP enabled mailing lists out there that are now getting 1 hour delays from Keele. What's worse is that some seem to use a unique sender for every attempt to send the mail and therefore never get a mail to us because we never see the same sender twice. Even worse than that, there are sites, such as yahoo groups, which seem to take a temporary failure as a permanant failure and throw the message away. As the number of sites that are greylisting increases I have some doubts as to whether VERP has a future in its current form. -- ______ [EMAIL PROTECTED] Jonathan Knight, / Department of Computer Science / _ __ Telephone: +44 1782 583437 University of Keele, Keele, (_/ (_) / / Fax : +44 1782 713082 Staffordshire. ST5 5BG. U.K.
