Amayita (![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small} amayita) wrote,@ 2007-02-02 20:33:00 |
|
| Current mood: |  aggravated |
Sender verify callouts *are* evil
Steinar H. Gunderson wrote:
> Who the heck is “uceprotect”, and should anyone care?
> At least they obviously don’t have much idea how sender verify works,
> as you can see from their page on the issue...
Well, as I can’t properly or reliably communicate with the Debian project via email anymore, I was about to allow sender verify probes on my side, but after reading what the Postfix project has to say about it, together with the “uceprotect” people, who look quite harsh, but otherwise reasonable to me... I say no way. Who the heck is “postfix”, and should anyone care? At least they obviously have a clue about how sender verify works, as you can see from their page on the issue...
I am sick of changing configuration in my (otherwise) almost perfectly working smtp server, specially if I am opening my postfix server to a potential DoS. From the link above:
The sender/recipient address verification feature described in this document is suitable only for low-traffic sites. It performs poorly under high load and may cause your site to be blacklisted by some providers.
Is Debian a low-traffic site? I am feeling cut out from the project, as I can no longer email certain (not all) developer@debian.org accounts, bug numbers in the BTS (control still works), and Alioth mailing lists. I refuse to misconfigure my email server because of this. This is plain stupid!
Greylisting was a minor nuissance. This is $FILL_IN_WITH_CURSE_OF_CHOICE:
~-root@aenima>mailqSpammers have already won. I hereby proclaim email officially dead.
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
A57EB890041 1173 Fri Feb 2 19:52:34 xxxxxx@amayita.com
(host lists.alioth.debian.org[217.196.43.134] said: 451 Could not complete sender verify callout (in reply to RCPT TO command)) xxxxxx-pkg-base-maintainers-request@lists.alioth.debian.org
