I disagree, I think... 1. Presumably, a reputation system would be tunable by the sysadmin for the site where it is being applied. In your case, you could tune it by turning off totally any reputation aspect attributable to the source sending email to non-existent user ids. 2. The fact that a source is sending a high volume of email to non-existing users means that source is pretty unreliable in terms of its ability to police its users, and therefore control its spam output. As stated earlier, one intent of the reputation system is to encourage sources to police their systems better. One could presumably use a high bounced mail reputation to inform the senders of valid mail from that system, and the postmaster, that their mail is being purposefully delayed because of the high spam output. This would encourage users to seek other providers, and the postmaster to do a better policing job. All of this could be done automatically, obviously. It's true that a provider could block mail informing their users of this fact, although low-volume mail to specific users might well get through. Gary Matthias Scheler wrote: > On Wed, Dec 08, 2004 at 10:37:43PM -0000, egcrosser wrote: > > 2. > > I find it very a compelling idea to have dynamic greylisting delay, > > per sender IP (or sender domain for SPF-verified submissions), growing > > if there are many submissioons for non-existent users from the IP. > > This would be kinda simple reputation system. > > The basic problem with that idea is that you will only hurt real mail > servers with this scheme. My e-mail server has received over 1400 mails > to non existing addresses in the last 18 hours. As far as I can see there > is not a single spam e-mail between those. All those message are bounces > caused by spammers. By rejecting the mail server trying to deliver that > bounce you will only make that class of problems worse. > > I'm sorry but your idea is broken by design.
Message
Re: [milter-greylist] Why a reputation system is bad
2004-12-16 by Gary Aitken