0x09 Graylist
No fancy pictures or anime reviews this time. This is serious.

Dammit…
I usually fall in line when something is “best practice” and try to understand why that is. But this time I don’t get it. So right now I feel like I’m a noob that disagrees with a majority expert opinion on a subject.
Like a first grader arguing with his math teacher.
Yesterday I actually had a fully working email system for both sending and receiving. The test emails I sent to myself yesterday had arrived by the next morning.
Turns out the instructions I followed also included a type of spam filter called Postgrey. It operates by forcing the sender to implement the SMTP protocol properly. It does so by responding with a temporary error message to every new peer and adding that peer to a “greylist”. A properly configured SMTP service would then try again after some time has passed, and if the peer is still retrying after having spent a certain amount of time on the greylist, it is whitelisted and allowed to deliver the message.
The upside is that this filters out some 80-95% of all the spam-sending software out there as of 2007. Not sure exactly how effective it is today, but it nevertheless has a large positive effect on reducing spam, and forces mail services online to be SMTP compliant. And apparently there are “no drawbacks”… at least with respect to the requirements of the SMTP protocol and assuming that all legitimate parties use proper SMTP configurations.
This saves a lot of computing power from going into spam-filters, and forces spammers to implement a proper mail-sender that retries, making their operation more costly! What’s not to like?
Well, the real drawback is that every message from a new sender, including legitimate ones, will be delayed by an amount of time that is at least as big as the greylist quarantine time, and likely much more due to resend timers.
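The greylisting decision and the delay it imposes on a first-time sender, as an added sketch (not Postgrey's code and not from the original post). Keying on the (client IP, sender, recipient) triplet, the 300-second quarantine, the reply text and the retry schedules are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

GREYLIST_DELAY = 300  # assumed quarantine time in seconds


@dataclass
class Greylist:
    delay: int = GREYLIST_DELAY
    first_seen: dict = field(default_factory=dict)  # triplet -> time of first attempt
    whitelist: set = field(default_factory=set)     # triplets that waited long enough

    def check(self, client_ip, sender, recipient, now):
        """Return the SMTP reply the policy gives to an attempt at time `now`."""
        key = (client_ip, sender.lower(), recipient.lower())
        if key in self.whitelist:
            return "250 OK"
        first = self.first_seen.setdefault(key, now)
        if now - first >= self.delay:
            # The peer came back after the quarantine: accept and remember it.
            self.whitelist.add(key)
            return "250 OK"
        # Constructed reply text; a 4xx code tells a compliant MTA to retry later.
        return "450 4.2.0 Greylisted, try again later"


def delivery_delay(greylist, triplet, attempt_times):
    """Seconds between the first attempt and acceptance, or None if never accepted."""
    for t in attempt_times:
        if greylist.check(*triplet, now=t).startswith("250"):
            return t - attempt_times[0]
    return None


if __name__ == "__main__":
    # Constructed sample triplet (documentation address ranges and domains).
    triplet = ("192.0.2.10", "alice@example.org", "me@example.net")
    gl = Greylist()
    # A compliant MTA with a constructed retry schedule: delayed by its own
    # retry timer (900 s), not just by the 300 s quarantine.
    print("first mail delayed by:", delivery_delay(gl, triplet, [0, 900, 1800]))
    # The same triplet later on: already whitelisted, so no delay.
    print("second mail delayed by:", delivery_delay(gl, triplet, [5000]))
    # A fire-and-forget sender that never retries is never accepted.
    print("no-retry sender:", delivery_delay(Greylist(), triplet, [0]))
```
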
Nowhere is it stated in the SMTP protocol that email needs to be instant. But you know what? Screw that! SMTP happens to be instant most of the time and we happen to like it that way! It may not be an intended feature of the protocol but it is an expected feature! And I’m not ready to sacrifice it to do something that should be handled by the spam filter.
Just because it is not in the SMTP protocol does not mean it ought not to be. I would rather have the standard changed to include a line like “Email should be instant if possible”.
And this is where I seem to disagree with a lot of folks online who seem to think that greylisting is all good and no bad. A system that manages itself, that can be switched on and then forgotten about.
Since no one can force me to run a greylist on my server, and the workload is on me to tune a spam-filter to deal with the extra spam, I commented out postgrey from my postfix configuration.
In other news: turns out my SPF record was faulty. There was whitespace in the middle of the IP that was not visible in my UI due to word wrapping! So, fixed that. Will double-check any DNS configurations with a different editor from now on.