LOL! -----Original Message----- From: Kwiatkowski, Nicholas [mailto:[log in to unmask]] Sent: Thursday, October 25, 2007 9:10 AM To: Vasquez, Timo; [log in to unmask] Subject: RE: [MSUNAG] E-mail Issues I would have just blamed it on the "tubes" :) Sorry, bad political joke. -Nick Kwiatkowski MSU Telecom Systems -----Original Message----- From: MSU Network Administrators Group [mailto:[log in to unmask]] On Behalf Of Vasquez, Timo Sent: Thursday, October 25, 2007 8:52 AM To: [log in to unmask] Subject: Re: [MSUNAG] E-mail Issues I have been in a similar situation with a clearing house email because of a customers infrastructure upgrade and their lack of that knowledge. I was the network manager and being put on the spot to answer why it took several hours for a simple mail with one attachment only 230kbs (if memory serves me). Then I was expected to track the message as if it were a fedex package. The only thing I could do was prepare a simple visio diagram of our mail system, then show how it went out our building using a tracert command result that I included in a graphic representation. I then requested that I be in touch with this companies IT staff to provide the same kind of document so I could represent the "start to finish" This clearing house is international so it was like pulling teeth, and it was done after a week and 5 more days of late emails. Turned out two reasons for delay. They had a new spam filter called Spam Assasin that had not been fully "tweeked" to suit their big organization yet. The mail my user was sending had a html type signature that referenced an image that pointed to our corporate web site. So it was being examined and then sent through in plain text style with attachment. From that day forward I requested that diagram for all our client base, and if some of them had emails from yahoo, hotmail, Comcast and aol for their desired reciving account, I had a disclaimer that I can not control the paths for public venues so delays; though unfortunate were not the fault of (my old company). So that is the three angles: 1.our environment (which can be the cause but is the only tangible part we control) 2.the isp between us and the recipient, and 3.the recipient environment (where everything from their ISP, Network based Spam Filters, and Desktop Solutions are usually the problem and kept from us doing the technical troubleshooting) If I ran the network equipment here and controlled the mail server you send from I would go out of my way to get you your answer... Good luck to you and I am sure some of the people here on this list will help you settle your issue. Timo -----Original Message----- From: MSU Network Administrators Group [mailto:[log in to unmask]] On Behalf Of Laurence Bates Sent: Wednesday, October 24, 2007 2:12 PM To: [log in to unmask] Subject: Re: [MSUNAG] E-mail Issues Yes, but what do you tell upper level administrators when they find that a major funding source is being jeopardized by untimely email communications? Relying on what you hear from people is convenient but not very sensitive to their real concerns. -----Original Message----- From: Brian Martinez [mailto:[log in to unmask]] Sent: Wednesday, October 24, 2007 1:40 PM To: [log in to unmask] Subject: Re: [MSUNAG] E-mail Issues All, I would like to point to my original in-depth thread on the matter of greylisting: http://list.msu.edu/cgi-bin/wa?A2=ind0704&L=MSUNAG&P=R995&I=-3 Furthermore, I would like to go even more in-depth and touch upon several things to make sure we are all on the same page about this. There are going to be lots of numbers, so please read closely: ------ * A sender only needs to send 1 message, not 3 messages. * A sender does not a receive a flat out rejection, merely a 451 Temporary Error. * A sender not in our database has to go through the greylisting delay, sender's who have passed the test should get through without exception * With a properly configured SMTP server, most senders can get through the greylisting process in well under one hour. * Our SMTP daemons at mail.msu.edu are configured to respond to 451 Temporary Errors as such: retry sending the message every five minutes for fifteen minutes. Failing that, retry the message every ten minutes for one hour. Failing that retry sending the message every two hours for 16 hours, and so on... * As I write this there are currently 1,109,396 hosts who we "trust" Naturally, some of them are spammers, but most of them are not. * The above number grows every single day/hour/minute. ----- The following should give you an idea of the exceptions we make. These folks completely bypass the greylisting process: * We maintain a list of exceptions for nearly all .gov addresses in the United States (we generate it based off of our logs), currently at 4,242 listings * We maintain a list of exceptions for every host here at MSU that carries a valid MX record, currently at 341 listings * We maintain a list of miscellaneous hosts of people who were privy enough to go through our Help Desk and make sure their email goes through as expected. We have helped a few hosts reconfigure their mail servers to meet the RFC spec., currently at 151 listings * We auto-generate a list of larger domains who carry SPF records, AOL, Google, Amazon, Hotmail, Microsoft and more recently Fidelity Investments, currently at 129 listings * The website greylisting.org provides a list of hosts who have difficulty bypassing anybody's greylisting setup. Including Southwest Airlines, MoveOn.org, lists.mysql.com, and ameritradeinfo.com to name a few. This only has 22 entries. ------ You'll note from our stats page: http://project.mail.msu.edu/~rrdtool/spam.php That we have easily dropped 600,000 pieces of spam PER DAY since we implemented greylisting!! Of course spam still does come through, and some legitimate email does get dropped. But with folks knowing that they are expecting a piece of email and it hasn't come through, they know to hit up our Help Desk and we work through to resolve the problem. I have not heard a single complaint about greylisting until just recently, so I hope this helps put things in perspective and helps clear things up a bit. As Nick noted earlier, greylisting is system-wide. It sits as a transparent-bridge between the Internet and mail.msu.edu. The vast majority of people sending to us (nearly 1,110,000 different hosts) do not even know they have gone through greylisting. If there is email _not_being received, the best method for finding out is testing with outside sources first, such as Gmail/Yahoo/Hotmail/etc. Then calling our Help Desk and providing them with full headers from the successfully received message at whatever 3rd party address that was used. We will then investigate the issue and determine if its greylisting or not, and if it is, we will see if it is possible to have their mailer reconfigured properly. If that is outside of the scope of the person attempting to mail us, we will work to add them to our exceptions list (which also seems to grow weekly as of late). Of course, if the issue is not greylisting, we will work to find the appropriate area to move the issue into. If people are so inclined, then anyone is obviously free to migrate elsewhere. I wanted to make sure as many facts as I could recall were clear before anyone decides to go anywhere else. It is a very trustworthy system and the majority of people I hear from swear by it and are quite happy it is in place. Regards, ./brm __________ NOD32 2614 (20071024) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com