[milters] Archive

Lists Index Date Thread Search

Article: 666
From: Grant Taylor
Date: 2010-06-11 11:30:33 -0400
Subject: Re: Comments on this backscatterer.org?

On 06/08/10 02:56, Anthony Howe wrote:
> It was a hard choice to make. milter-sender was my first milter and 
> one of the best implementations of call-back IMO. But after seven 
> years, it was getting a little long in the tooth. BarricadeMX came 
> along as my flag ship product, a comprehensive SMTP proxy filter that 
> is a fusion of all the milters, plus many more tests.

For me this is a disappointing turn of events.  I understand why you did 
what you did, but that does not mean that I like it.  :-(

> milter-sender comprises of three techniques: call-back, call-ahead, 
> and grey-listing. Trying to keep it up to date with respect to 
> BarricadeMX advances, which does all that and more, involves lots of 
> work.

milter-sender worked exceptionally well as a piece of a larger solution 
  that I rolled my self.  I will have to investigate BarricadeMX to see 
if      it can suffice, or if I will have find an alternative gray list 
/ call  back filtering option.

Nothing against a comprehensive product, it is just that it does not 
match my current environment (as is currently configured).

> In addition call-back as an anti-spam technique is not well received 
> by large mail services; personally I think any technique that blocks 
> spam is useful, but more and more sites would block IPs using 
> call-back treating it as either as a dictionary attack or 
> backscatter. Plus the technique can be abused by spammers to harvest 
> email addresses by proxy. So part of the decision was also political. 
> Note that while BarricadeMX supports call-back, it is disabled by 
> default since version 1.0, because of the politics.

I understand and agree that this is (partially) a political decision. 
However, in making said decision, you also made the decision for your 
milter-sender users.  So the impact was fairly sizable.

I don't think I missed an email to the mailing list (but I may have) 
discussing milter-sender's lack of continuing development.  Had I seen a 
  discussion, I would have definitely chimed in (like now).

> Essentially it boils down to a low ROI for milter-sender vs. a more 
> comprehensive product like BarricadeMX.

Unfortunately it's that "more comprehensive(ness)" that make make it 
such that BarricadeMX is not a suitable replacement for milter-sender.

If all I want in a pocket knife is a knife blade (or two) and all I have 
  room for is such, then a larger more comprehensive Swiss Army Knife 
with  many more options may not fit.  :-(

> /me Wish I could figure out a nice way to broadcast an online demo of 
> BarricadeMX, its web-interface, SMTP interface (admin commands & 
> stats), and show off the feature set. Then people might see why I 
> invest so much time in it.

Would it be possible to set up a test sub-domain that has MX records 
pointing to an install of BarricadeMX and make the administration 
interface publicly available?

To prevent others from using it illicitly, MX to a relay, have said 
relay pass the (sub)domain on to BarricadeMX, have BarricadeMX do what 
it does.

Or, could you provide access to the BarricadeMX administration interface 
  (with out access to the SMTP path) so that we can see the glory that 
is BarricadeMX?  ;-)

Grant. . . .

P.S.  Sorry for the late reply.

Lists Index Date Thread Search