Why is Novell Groupwise broken?

Vernon Schryver vjs@calcite.rhyolite.com
Sun Dec 4 21:50:19 UTC 2005


> From: Gary Mills 

> One site that failed to retry delivery claims to be running GroupWise
> 6.5 SP5.  Either Novell broke it in SP5, or the site has it badly
> configured.  I'm guessing that it is a configuration error.  The admin
> said ``The issue is with the embedded initial retry in GWise GWIA
> (SMTP) of 20 minutes which is too long for most greylist solutions.''
> I don't know how he configured it.  Twenty minutes seems reasonable
> to me.  The SMTP standard recommends 30 minutes.

Something is askew in what that administrator seems to be be saying,
and not only that section 4.5.4.1 of RFC 2821 says

]  The sender MUST delay retrying a particular destination after one
]  attempt has failed.  In general, the retry interval SHOULD be at
]  least 30 minutes; however, more sophisticated and variable strategies

Isn't the problem with these particular SMTP clients that they fail to
retransmit at all instead of waiting 20 minutes to retransmit?  Contrary
to the administrator's words about "most greylist solutions," I think
the most common greylist embargoes are far longer than 20 minutes.

How would a 20 minute or any retry be "too long" for any greylist
filter?  The retry delay should be longer than the filter's embargo,
but not "too long."  However, the only plausible notion of "too long"
I can see involves not computer but only human user impatience.

The default dccm/dccifd greylist embargo is 4.5 minutes, because my
measurements of spammers that did retransmit (esp. some spamware
popular among 419 spammers) found very few that persist for 5 minutes.
On the other hand, sendmail in major commercial UNIX releases has been
configured to retransmit after 15 minutes, I've seen many SMTP clients
configured to retransmit after 5 minutes, and then there are the sendmail
and other installations that use some crazy ("backup server"?) schemes
to retransmit after less than 1 second.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.