Tuesday, September 11, 2007
Note on a greylist implementation
For such a simple concept, greylisting has a lot of pitfalls. I managed purely by chance to see that Mark had sent me an email (I saw the tuple in the log files). Curious to see how long it took to be accepted, I was horrified to see that not only had it not been accepted by the greylist daemon, but that it had been kicking around the system for over 30 hours!
Like clockwork, Mark's email server was attempting to send the message every thirty minutes, on the dot, and thus was never getting through the embargo timeout. It all came down to this one piece of code:
    if (difftime(req->now,stored->atime) < c_timeout_embargo)
    {
      stored->atime = req->now;
      send_reply(req,CMD_GRAYLIST_RESP,GRAYLIST_LATER);
      return;
    }
If the last access time was less than the embargo timeout, update the access time and send back “try again later.” At the time I found this out, I simply added Mark's server IP to the whitelist and restarted the greylist daemon.
Later, at the weekly Company meeting, I mentioned some of the issues I've had over the week and after some discussion, I made two changes to the greylist daemon:
- cut the embargo timeout from one hour to 25 minutes
- use only the sender and recipient in the tuple, dropping the IP address (or rather, ignoring it)
To test these changes, I also removed a bunch of the whitelisted IP addresses, to test the effectiveness.
They weren't all that effective.
I had problems with BellSouth, trying to deliver an email for four hours (and, as always, well below the embargo threshold). I restarted the greylist daemon with an extended whitelist of IP addresses.
In reading many pages on greylisting, I realized I may have mis-interpreted the original whitepaper:
With this data, we simply follow a basic rule, which is:
If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure.
So instead of checking against the last access time, I should compare against the creation time of the record.
Off to make that change and see how it goes.
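To see why the choice of timestamp matters, here is a small simulation of a sender retrying at a fixed interval, measured once against the last access time and once against the creation time. It is an added example, not code from the greylist daemon; `struct tuple_rec`, `greylist_check()`, `attempts_until_accepted()` and the policy names are hypothetical, and the timestamps are constructed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical record for one greylist tuple (not the daemon's real struct). */
struct tuple_rec {
    bool   seen;   /* has this tuple been recorded yet? */
    time_t ctime;  /* when the tuple was first seen */
    time_t atime;  /* when the tuple was last seen */
};

enum policy { EMBARGO_FROM_ATIME, EMBARGO_FROM_CTIME };

/* Returns true if the delivery attempt at `now` is accepted. */
static bool greylist_check(struct tuple_rec *rec, time_t now,
                           double embargo, enum policy p)
{
    if (!rec->seen) {               /* first sighting: record and defer */
        rec->seen  = true;
        rec->ctime = rec->atime = now;
        return false;
    }
    time_t since = (p == EMBARGO_FROM_CTIME) ? rec->ctime : rec->atime;
    rec->atime = now;               /* every attempt refreshes the access time */
    return difftime(now, since) >= embargo;
}

/* Simulate a sender retrying every `interval` seconds. Returns the 1-based
   attempt that is accepted, or -1 if none of `max_attempts` gets through. */
int attempts_until_accepted(enum policy p, double embargo,
                            int interval, int max_attempts)
{
    struct tuple_rec rec = { false, 0, 0 };
    for (int i = 0; i < max_attempts; i++) {
        time_t now = (time_t)1000000 + (time_t)i * interval; /* constructed clock */
        if (greylist_check(&rec, now, embargo, p))
            return i + 1;
    }
    return -1;
}

int main(void)
{
    /* One-hour embargo, retries every 30 minutes, 60 attempts (30 hours). */
    printf("atime policy: %d\n", attempts_until_accepted(EMBARGO_FROM_ATIME, 3600, 1800, 60));
    printf("ctime policy: %d\n", attempts_until_accepted(EMBARGO_FROM_CTIME, 3600, 1800, 60));
    return 0;
}
```

Measured from the access time, any sender whose retry interval is shorter than the embargo is deferred indefinitely; measured from the creation time, the same sender is accepted on the first retry that falls at or after the embargo.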
Constrained writing demoed via email exchange awhile ago
Cadaeic Cadenza (link via Jason Kottke) is a “constrained writing,” where the constraint is each word has the number of letters corresponding to a digit in π (first word has three letters, second word has one letter, third word has four letters, and so on).
It reminded me of an email exchange I had with my friend Hoade, wherein each email was constrained in some manner.
It starts with a reply to Hoade:
From: Sean Conner <spc@pineal.math.fau.edu>
To: Sean Hoade <shoade@sun1.iusb.edu>
Subject: Re: Scooby Dooby Doo, Where Are You?
Date: Mon, 19 Jun 95 22:56:45 EDT
A long long time ago in a network far far away, The Great Sean Hoade wrote:
Conman—
Hello. Hope you are well. I am fine. Good. Help. I can just make one-syllable words, 'cept for the word “syllable.”
Will try to keep this small. Can I count on you to come down here two months from now? I look towards the day you are here. And I think I can help you with your word choice. Too bad you had to use a long word there. It is not hard to avoid those words. See?
From: Sean Hoade <shoade@sun1.iusb.edu>
To: Sean Conner <spc@pineal.math.fau.edu>
Subject: cool
Date: Tue, 20 Jun 1995 17:27:19 -0500 (EST)
Harder, methinks, writing choices using only two-time counting …
From: Sean Conner <spc@pineal.math.fau.edu>
To: Sean Hoade <shoade@sun1.iusb.edu>
Subject: Re: cool
Date: Tue, 20 Jun 95 18:18:38 EDT
Truthful wisdom indeed. Thinking dual phonems (spelling?) isn't easy. Although practice ensures success. Agree?
(And yes, I still have problems speling)
From: Sean Hoade <shoade@sun1.iusb.edu>
To: Sean Conner <spc@pineal.math.fau.edu>
Subject: Re: cool
Date: Tue, 20 Jun 1995 20:06:21 -0500 (EST)
Sentence fragments? Forswear fragments, Conner! (Asshole …)
From: Sean Hoade <shoade@sun1.iusb.edu>
To: Sean Conner <spc@pineal.math.fau.edu>
Subject: Re: cool
Date: Wed, 21 Jun 1995 18:44:25 -0500 (EST)
Attempting tripartite syllabic collections challenges heartily, Connerman.
Personal opinion: redundant repeating selections crucify attempters thoroughly.
The constrained emails died down for a few days, until this exchange:
From: Sean Hoade <shoade@sun1.iusb.edu>
To: Sean Conner <spc@pineal.math.fau.edu>
Subject: Four syllables?
Date: Mon, 26 Jun 1995 23:22:30 -0500 (EST)
Enigmatic, mysterious communiques– incredible electronic correspondence!—solidify, obviously computerized benedictions Hoade-to-Conner.
Whaddyathink?
Hoade
P.S.—Aquarium!
From: Sean Conner <spc@pineal.math.fau.edu>
To: Sean Hoade <shoade@sun1.iusb.edu>
Subject: Re: Four syllables?
Date: Mon, 26 Jun 95 22:51:18 EDT
Incredible! Spectacular! Impressively unspeakable phenomenon! Untoppably quisicential!
Did I mention that I kant spel?
Anyway, a few months go by, and our last exchange of constrained emails:
From: Sean Hoade <shoade@sun1.iusb.edu>
To: Sean Conner <spc@pineal.math.fau.edu>
Subject: Re: Perfectly Prosaic Prose
Date: Sat, 27 Jan 1996 07:54:21 -0500 (EST)
And because computers drain everyone's future—good! Have I just kinda loose morals? No! Only pious, questioning rabbis say this (until vacuous women—Xanax—yawn zestlessly).
From: Sean Conner <spc@pineal.math.fau.edu>
To: Sean Hoade <shoade@sun1.iusb.edu>
Subject: Re: Perfectly Prosaic Prose
Date: Sun, 28 Jan 96 3:33:25 EST
Zounds! Your xiphoid women vanguard unilaterally try soldierly responses quickly. Personally, one needs many large Kaffirian juggernauts, instigating hectoring grandiose fanaticism. Egads! Damnation! Cabalists be aware!
Yeah, you try writing a twenty-six word paragraph in reverse alphabetical order and see how easy it is.
Granted, what we did wasn't as difficult as writing a work with letter counts based on π or a book without the letter “E” but that doesn't mean it was easy.