Steinar H. Gunderson wrote:
> Who the heck is “uceprotect”, and should anyone care?
> At least they obviously don’t have much idea how sender verify works,
> as you can see from their page on the issue...

Well, as I can’t properly or reliably communicate with the Debian project via email anymore, I was about to allow sender verify probes on my side, but after reading what the Postfix project has to say about it, together with the “uceprotect” people, who look quite harsh, but otherwise reasonable to me... I say no way. Who the heck is “postfix”, and should anyone care? At least they obviously have a clue about how sender verify works, as you can see from their page on the issue...

I am sick of changing configuration in my (otherwise) almost perfectly working smtp server, specially if I am opening my postfix server to a potential DoS. From the link above:

The sender/recipient address verification feature described in this document is suitable only for low-traffic sites. It performs poorly under high load and may cause your site to be blacklisted by some providers.

Is Debian a low-traffic site? I am feeling cut out from the project, as I can no longer email certain (not all) developer@debian.org accounts, bug numbers in the BTS (control still works), and Alioth mailing lists. I refuse to misconfigure my email server because of this. This is plain stupid!

Greylisting was a minor nuissance. This is $FILL_IN_WITH_CURSE_OF_CHOICE:

~-root@aenima>mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
A57EB890041 1173 Fri Feb 2 19:52:34 xxxxxx@amayita.com
(host lists.alioth.debian.org[217.196.43.134] said: 451 Could not complete sender verify callout (in reply to RCPT TO command)) xxxxxx-pkg-base-maintainers-request@lists.alioth.debian.org

Spammers have already won. I hereby proclaim email officially dead.

Looks like my server was greylisting the Sender verify callouts from Debian hosts. I am damn stupid and stand corrected. I take email too seriously. Specially Debian email.

Maybe I am not that stupid, maybe all this antispam measures are just overkill. Maybe we are all overdoing it. Maybe we are all way too paranoid already. Because, after all, I still consider Sender verify callouts to be evil. And email as we know it might be already dead.

Update: I am not stupid after all. All debian hosts are whitelisted by default in the standard postgrey configuration. I don't get it. Hints very welcome!

As I posted to debian-private: Dam it, and I take pride in being an excellent email sysadmin... Looks like I should reconsider my career. Cat herding seems to be easier than dealing with the email crap^Wpain nowadays.