I thought I was a wild one with testing in production with SpamAssassin rules set to 0 score. That way I could determine the impact without making the impact at all, or without adding resource overhead to other parties just because I was playing around.
I think it's a good point here that we all wish everyone would do the same thing, but you can't just get upset at people reacting to others who aren't doing things the way we wish they were, and not also get upset at the people who they're reacting to. In a perfect world we'd all do the same things all of the time, in reality there's nuance and not making adjustments for it is to be willfully ignorant of it. We all do what we have to do at the end of the day.
I'm no fan of SpamGrid, I'm actually genuinely surprised to see that anyone works on the project at all anymore. I thought Twilio was just going to milk it until it's revenue dropped below overhead and then repurpose the IPs / sell off the brand. Since, you know, it seems like so little there has changed from an external perspective since this: Sendgrid Under Siege from Hacked Accounts - Krebs on Security [1]
But credit where it's due, someone digging into response codes and reacting to the strange ways that everyone else handles their own mail servers, I respect the work.
On 2023-06-23 16:28, Michael Orlitzky via mailop wrote:
I don't necessarily disagree with this, but here's another perspective. Blacklists are hard to test in production because they rely on a third party. When testing a new config, it's common (at least in postfix land) to switch your reject code from 5xx to 4xx while you see how things play out. Basically, you're giving yourself time to look at the logs and decide if you're losing mail that you don't want to lose. When you're satisfied, you switch the reject code back to 5xx. There are several config parameters designed for this.
Links: ------[1] https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
