Forums

Hargreaves Wrote:LodC, thank you for your patronising explanation of the details of greylisting, which for me at least, were already pretty clear.

My situation matches your final hypothetical in that I'm unable to receive messages from people who mail to my now well established (Been using it for years with no problems until greylisting) email address provided to me by a redirection company. This company, in it's infinite wisdom has decided it simply cannot operate without the wonderful solution of greylisting.

Your hypothetical details all manner of wonderful benefits that will arise from people receiving an error message when they attempt email me. These apparently range from them realising how foolish they've been not to have changed 'a single setting' through to them being provided with a wonderful opportunity to be educated by me as to the joys of greylisting itself. I can even direct them to this site! How lovely it all is in your simplistic fantasy world.

In the real world, the one in which I and may others like me operate, things are somewhat different. In my world if I hand my business card to someone, they might decide to email me, they might not. They've just met me. If they do email me and they receive an error message which they've never encountered before and which looks pretty similar to a 'bounce back' message, then that's what they'll assume. The email bounced. What's worse, if they bother to read the message it instructs them NOT to resend as the message is simply delayed.

From this they can only assume two things. Either 1) My email address is wrong or I've not paid my bills or 2) I will eventually receive their message (which I won't) and my non-reply will be construed as rudeness.

Where in all this do I get the opportunity to "help their problems" or "pass along resources like this website"? If NEVER GET the email then I never know they've attempted to contact me at all.

Your hypothetical assumes they'll either ring me or use a carrier pigeon or perhaps place an ad in the local paper to inform me that there's some problem with my email address. Total and absolute ivory tower IT professional conceit. Like everyone using the internet is just waiting for a reason to talk to their technical staff about server configuration. The point is to stay out of the way and make it work, not find ways to make yourself, and your professional concerns everyone else's problem.

Hmmm.. I don't really know what to think about your message. You seem very upset, even upset with me. I was trying to help people understand what is happening and what small things you might do to make things better. If you mistook that as something deserving of your hateful rant, I think you have problems much larger than I am qualified to help you with.

As to the points you make, I do see how email from unknown users (people you met on street or whatnot) is a unique problem. If you are a salesman, you probably are more willing to wade through the spam to find that one golden opportunity than the typical person. For your situation, obviously you do not want to implement any sort of filtering that could result in a false positive, regardless of the reason. However, surely you must realize that the average user of internet email is very different. Do you think your provider gets more calls from people frustrated with the spam in their mailbox, or from people like you? Your provider made a decision based on the desires of the average user, and unfortunately it wasn't what you wanted. In the "real world", that happens. Deal with it, you have options:

I'm not entirely sure what you mean by "a redirection company", but it might be very simple and easy for you to switch to a service that does not implement greylisting. In most cases you would be able to keep your existing email addresses and none of your customers would know that you had made a change. Also, you probably already asked your current provider about this, but many greylisting implementations do allow the provider to "turn off" greylisting for mail to users that request it.

Hopefully you can understand that the motivation behind all of this is not an attempt to ruin your business, but merely an effort to provide the majority of people with a solution to the number one complaint they have about their email. As a business person surely you must realize that customer satisfaction, and not some sort of technical elitism, drives decisions like the one your provider made. The point is to stay out of the way and make it work, not find ways to make yourself, and your professional concerns everyone else's problem. I hope I've given you some ideas on how to make it work for you.

-LodC

Quote:If you mistook that as something deserving of your hateful rant, I think you have problems much larger than I am qualified to help you with.

I'm not clear how my reply qualifies as a hateful rant.

If you object to my use of sarcasm then perhaps you should refrain from inferring that I'm some sort of saleman desperate for 'opportunities' gained by handing my card to people on the street. I do think you wrote it with a smile on your face so I'm not the least offended. In any case I am neither a salesperson or prone to handing my card to random individuals. Nor do I get much spam, and no this is not thanks to Greylisting.

I don't see is how giving someone your email address as a sole form of contact is an 'unique problem'.

I feel the point is worth making because of my concerns with Greylisting, (and I remind you that the subject of the thread is "What do you think of greylisting?" not "Inform everyone what greylisting is").

Email is already under threat from the constant growth of spam and the success of propriatory instant messaging systems. To introduce a filtering method which piggy-backs on a server configuration to reduce spam but results in bounced email with a misleading message (ie: "this message is delayed only, do not resend") in cases where the server is not 'correctly' configured is in my view lazy and presumptive.

Lazy because it doesn't actually filter mail it simply bounces it and assumes the message will be resent. In which case it allows it through. Presumptive because of the above assumption and also the inate judgemental attitude that effectively states that mis-configured servers are not the problem of right thinking server administrators. I can't help but view it as server configuration boffins hurling their plague filled donkeys over the ramparts at eachother with gleeful snickers whilst the bemused townsfolk try to carry on with business.

If that doesn't make sense to you let me put it another way: The spam senders send a plague of penis enlargement emails. The server configurators reply with a bounce response knowing the spammers don't configure to resend (not yet at least), all the while also knowing a few innocent emails will be denied access. To justify this they reassure themselves that misconfigured servers deserve to be lumped in with spammers.

Collateral damage so to speak. For me however, if I can't hand my email address to an important new contact without the reassurance that if they email me it will get through without drama then that email address is of almost no value to me because there's no way of knowing which emails won't get through. Even you can see that I can't be calling people up to ask them if they've email me or not.

So to talk of one or two emails being lost is to avoid the real issue. An address is only valueable if you can be confident all mail will get through. To suggest talking to the server admin personnel is again, missing the point. You can only do that for emails you know haven't been delivered.

My point: Don't implement a system which relies on other people to have 'flicked the right switch', however neccessary or simple you deem it to be to do if it means some emails won't get through. Every personal email is important to someone.

Instead, like a doctor, first do no harm.

Hargreaves Wrote:

Quote:If you mistook that as something deserving of your hateful rant, I think you have problems much larger than I am qualified to help you with.

I'm not clear how my reply qualifies as a hateful rant.

Well, first you accused me of being partonizing. Then you insult the people at your hosting company's intelligence, accuse me of living in a fantasy world, accuse me of professional conceit, and finally attempt to belittle the entire IT industry by telling us to "Stay out of the way and make it work".

Quote:If you object to my use of sarcasm then perhaps you should refrain from inferring that I'm some sort of saleman desperate for 'opportunities' gained by handing my card to people on the street. I do think you wrote it with a smile on your face so I'm not the least offended. In any case I am neither a salesperson or prone to handing my card to random individuals. Nor do I get much spam, and no this is not thanks to Greylisting.

I don't see is how giving someone your email address as a sole form of contact is an 'unique problem'.

I feel the point is worth making because of my concerns with Greylisting, (and I remind you that the subject of the thread is "What do you think of greylisting?" not "Inform everyone what greylisting is").

Actually, the title of this thread is "What do you think of greylisting.org." The owner of this website was interested in what he could do to improve it, if you actually read the post. No one asked for comments on greylisting itself. Despite that fact, some people were posting in this thread who seemed confused and upset because "greylisting blocked their emails". Thus I felt it might be helpful to these people to explain what really happened and what they might do to help things work better in the future. I agree that this thread isn't the designated place to help people, but since the people needing this information are ending up here for whatever reason, it seemed like a good place to put it.

Quote:Email is already under threat from the constant growth of spam and the success of propriatory instant messaging systems. To introduce a filtering method which piggy-backs on a server configuration to reduce spam but results in bounced email with a misleading message (ie: "this message is delayed only, do not resend") in cases where the server is not 'correctly' configured is in my view lazy and presumptive.

You put correctly in quotes... do you not understand that these servers are configured incorrectly according to the one and only standard that defines how SMTP is implemented? There is no ambiguity or discussion to be had on this point, they ARE misconfigured and they do lose mail for many reasons because of it.

Quote:Lazy because it doesn't actually filter mail it simply bounces it and assumes the message will be resent. In which case it allows it through. Presumptive because of the above assumption and also the inate judgemental attitude that effectively states that mis-configured servers are not the problem of right thinking server administrators. I can't help but view it as server configuration boffins hurling their plague filled donkeys over the ramparts at eachother with gleeful snickers whilst the bemused townsfolk try to carry on with business.

If that doesn't make sense to you let me put it another way: The spam senders send a plague of penis enlargement emails. The server configurators reply with a bounce response knowing the spammers don't configure to resend (not yet at least), all the while also knowing a few innocent emails will be denied access. To justify this they reassure themselves that misconfigured servers deserve to be lumped in with spammers.

Collateral damage so to speak. For me however, if I can't hand my email address to an important new contact without the reassurance that if they email me it will get through without drama then that email address is of almost no value to me because there's no way of knowing which emails won't get through. Even you can see that I can't be calling people up to ask them if they've email me or not.

As long as these misconfigured servers remain broken, they will lose mail sent to you. It might be because of greylisting, or it might be because of the hundreds of other things that happen every day that these servers are unable to handle correctly. This was, in case you missed it, the point of my original posting. Just like you, I would like email to be more reliable. If having perfectly reliable email is so important to you, why are you complaining about a system which brings these flaws to light? You lost emails because of these same broken servers before greylisting, and unless they are fixed you will continue to lose emails.

Quote:So to talk of one or two emails being lost is to avoid the real issue. An address is only valueable if you can be confident all mail will get through. To suggest talking to the server admin personnel is again, missing the point. You can only do that for emails you know haven't been delivered.

My point: Don't implement a system which relies on other people to have 'flicked the right switch', however neccessary or simple you deem it to be to do if it means some emails won't get through. Every personal email is important to someone.

The entire internet relies on people to have "flicked the right switches". Everything that happens online is the result of standards being defined and implemented. When people setup their servers in a way that violates these standards, the system starts to fail.

Quote:When people setup their servers in a way that violates these standards, the system starts to fail.

As you have made clear, I'm not an expert in server configuration. So, perhaps my definition of failure differs from yours.

In my case someone was able to send me email. Infact, I was able to send email to myself from a freelance workplace to my own personal address without any issue. When the company I use to redirect my mail implemented greylisting my mail was rejected along with all mail from that same company. I later realised the same problem had occured in at least one other case, from an unrelated company. Again, mail to me was lost.

So, basically, before greylisting, all good. After greylisting, not so good. I can't vouch for hypothetical power outages or cord tripping incidents as they have, to my knowledge, never resulted in my losing mail. I would say however that were such an event to take place the effect would be more notable in a cause/effect way and senders from misconfigured servers would be less likely to blame the recipient than they would be in the case of greylisting, which is largely invisible to the average internet user.

I would suggest that the system is always prone to be effected by random events such as acts of god or idiot. To implement a filtering system which relies on deficiencies in the system to operate is itself a failure to provide a fully effective solution to an existing problem.

Quote:and finally attempt to belittle the entire IT industry by telling us to "Stay out of the way and make it work".

This was not an attempt to belittle an entire industry. What, in your view, is the alternative to staying out of the way and making it work?

Quote:Actually, the title of this thread is "What do you think of greylisting.org." The owner of this website was interested in what he could do to improve it, if you actually read the post. No one asked for comments on greylisting itself.

This is a fair point, and you are correct, I misread the title of the thread. In my defense, I believe most everyone else did the same as there is little in the way of suggestions to improve the site itself posted here with the exception of one that this forum should be moderated.

I took exception with your explanation because I felt that the site contains ample explanation of greylisting itself in other areas. I believe you did so at least partly because you believe greylisting is entirely blameless and that those who would disagree do so more from ignorance than actual genuine cause. This is why I said I found it patronising, and I stand by that original statment.

Hargreaves Wrote:

Quote:When people setup their servers in a way that violates these standards, the system starts to fail.

As you have made clear, I'm not an expert in server configuration. So, perhaps my definition of failure differs from yours.

In my case someone was able to send me email. Infact, I was able to send email to myself from a freelance workplace to my own personal address without any issue. When the company I use to redirect my mail implemented greylisting my mail was rejected along with all mail from that same company. I later realised the same problem had occured in at least one other case, from an unrelated company. Again, mail to me was lost.

So, basically, before greylisting, all good. After greylisting, not so good. I can't vouch for hypothetical power outages or cord tripping incidents as they have, to my knowledge, never resulted in my losing mail.

So... you never realized that you were losing mails whenever any error occurred until greylisting. Since, as you say, you are not an IT expert, I will assume you also are not aware of how frequently things such as power, network connections, and the humans operating these systems fail. If this is completely boring to you, fine, skip it. I do want to be as complete as possible in my explanation because to me it is important. A common measurement for the reliability of servers is the "number of nines", meaning how often is a server available with 100% being the impossible perfectly available server. Five nines, or 99.999% is considered quite a difficult goal with today's equipment and services. Five nines means that every year, for at least 5 minutes and 15 seconds, that server is down. Most mail servers are not this reliable. When you send an email, it is sent through at least two SMTP servers but quite often several more. It typically also travels through dozens of other pieces of equipment at multiple sites around the world, any one of which can cause a failure identical to the effect of greylisting. I was not quickly able to find a published study that gave the overall probability of a message being delivered on any given attempt, but surely you can agree that it is less than 100%.

You stated that every personal email is important. I completely agree. Can you then agree with me, given that any one delivery attempt is NOT 100% certain of success, that email servers should be configured to retry? When the world wide accepted standard explicitly says that all mail servers must retry delivery, and when there is massive evidence to show that servers which do not retry DO lose important emails, why should we not blame the people responsible for these misconfigured servers when their servers lose emails due to their misconfiguration?

Quote: I would say however that were such an event to take place the effect would be more notable in a cause/effect way and senders from misconfigured servers would be less likely to blame the recipient than they would be in the case of greylisting, which is largely invisible to the average internet user.

If that were true, I would be less convinced of my position. Unfortunately this is not the case. ANY error that causes a delay or temporary failure will be presented in exactly the same manner to the sender who uses these servers, which all too often means they will not be notified in any way. A greylisting event is no different from a server error, in fact it uses the SMTP standard "temporary local problem" error code.

Quote:I would suggest that the system is always prone to be effected by random events such as acts of god or idiot. To implement a filtering system which relies on deficiencies in the system to operate is itself a failure to provide a fully effective solution to an existing problem.

Quote:and finally attempt to belittle the entire IT industry by telling us to "Stay out of the way and make it work".

This was not an attempt to belittle an entire industry. What, in your view, is the alternative to staying out of the way and making it work?

This is way off topic, but what the hell. There isn't a business management course offered today that doesn't spend time on the strategic importance of IT. Google around and you will find literally hundreds of studies and papers explaining the importance of IT not only to accomplishing business goals but also to defining them. As you may have noticed, IT has changed the way that businesses operate from the shipping department to the CEO's office. Perhaps instead of telling your IT people to stay out of your way, you should pay attention to where they are headed.

Quote:

Quote:Actually, the title of this thread is "What do you think of greylisting.org." The owner of this website was interested in what he could do to improve it, if you actually read the post. No one asked for comments on greylisting itself.

This is a fair point, and you are correct, I misread the title of the thread. In my defense, I believe most everyone else did the same as there is little in the way of suggestions to improve the site itself posted here with the exception of one that this forum should be moderated.

I took exception with your explanation because I felt that the site contains ample explanation of greylisting itself in other areas. I believe you did so at least partly because you believe greylisting is entirely blameless and that those who would disagree do so more from ignorance than actual genuine cause. This is why I said I found it patronising, and I stand by that original statment.

I do believe ignorance is a the root of some of the complaints here. I also hope that my explanation is of some benefit to those people who, despite the many other sources of information available here, still post comments to this thread which demonstrate their lack of understanding.

As for greylisting being "blameless", well... it does comply fully with the SMTP specification. It may be a situation somewhat similar to "what's legal" VS. "what's morally right" , but were this a court case with the RFC defining SMTP as our lawbook, greylisting has commited no crime. On the other hand, servers which lose messages for any reason including greylisting do violate the only laws that us IT folks have to go by.

Quote:Can you then agree with me, given that any one delivery attempt is NOT 100% certain of success, that email servers should be configured to retry?

Yes, I can. You've made an excellent case in defense of configuring servers to retry. Greylisting uses this configuration standard but is not in itself an example of the best practice you refer to. When mail is lost due to a false bounce, in the case of greylisting, blaming the server misconfiguration is really more a way of taking the attention off greylisting than a defense of greylisting.

For you, as an IT professional, it may be hard to view the experience of losing mail to greylisting's arrival from a layman's perspective.

Let's say you pay for a post office box. You receive mail, some of it imporant and some of it trivial, all without any issue that you are ever made aware of. At one point you decide to move to another suburb. Choosing to keep your PO box you elect to pay a modest fee to a private firm to have mail sent to this location redirected to another location. This similarily works without problem. Becoming accustomed to the reliability you start to place your PO box number on your business stationary and provide it as a means of contact.

Then one day there is a problem. A letter you are expecting, an important one, never arrives. You ask the sender and they say they received a note saying their letter was delayed, but not to fear it would arrive at its destination shortly. So, they thought nothing of it, except to wonder why you had not replied.

Over the next few days you see the problem repeated. So, after asking firstly the Post Office to check their system for problems you ask the people you've been paying to redirect your mail.

Yes, they say, they've got a new system in place. With new GreyLetter all mail sent to you is now sent back to the post office. Not to worry though, the post office will send it again. This prevents all the terrible unwanted bags of letterbombs and penile implant brochures you've been getting daily.

But, you protest, you've not been getting the implant brochures, you just want your mail to be reliable again.

"Don't be silly" says the GreyLetter implemention specialist, "You already rely on the post office to resend you're mail. GreyLetter just uses this system, it's for you're own good."

But, I just want my mail to be reliable again, you say again.

I'm am reading things here to try to understand what greylisting is and does as my web host just advised they have used it so that I can get "some" of my business emails.

All I know is that my emails used to arrive promptly without problems. I was getting a lot of spam (some even from myself - huh????) so I redirected my email via gmail as it has a very efficient spam filter but allows me to check to ensure the wrong thing doesn't end up tagged as spam. At least I understood all that...

Then I found I had a virus on my computer that the antivirus program had not deleted despite many attempts. My ISP and webhost both told me not to worry about the spam and said you can't do anything to stop people using your email address when spamming others..... this is a horrifying thought!!

For the past few weeks I had only a few spam emails per day BUT, unfortunately NO EMAILS that were addressed to my email@mydomain.name

I've read lots of comments here but they are all too technical for me to understand. Perhaps if you could imagine that I'm a 6 year old when explaining things - that might help. Please understand that I'm not stupid, it's just that I don't understand ANY of the technical terminology!

As of a few hours ago I received a test email I sent to myself (WOW!!! -great news after several weeks!) but what about all my poor customers, both old and new from all over the country, who have no idea why I haven't responded to them? As I have no idea who tried to contact me to place an order during this time, I can't phone them back.

Question: Is email now becoming useless because of virus/spamming? Maybe we should go back to snail mail (post) or phone?

Surely there should be a better way to stop viruses/spamming than to block genuine emails? Will this greylisting work for any customer from anywhere who wishes to contact me?

All I want is for my webhost and ISP to provide me with the service that I used to have!

bewildered Wrote:I'm am reading things here to try to understand what greylisting is and does as my web host just advised they have used it so that I can get "some" of my business emails.

All I know is that my emails used to arrive promptly without problems. I was getting a lot of spam (some even from myself - huh????) so I redirected my email via gmail as it has a very efficient spam filter but allows me to check to ensure the wrong thing doesn't end up tagged as spam. At least I understood all that...

Then I found I had a virus on my computer that the antivirus program had not deleted despite many attempts. My ISP and webhost both told me not to worry about the spam and said you can't do anything to stop people using your email address when spamming others..... this is a horrifying thought!!

For the past few weeks I had only a few spam emails per day BUT, unfortunately NO EMAILS that were addressed to my email@mydomain.name

I've read lots of comments here but they are all too technical for me to understand. Perhaps if you could imagine that I'm a 6 year old when explaining things - that might help. Please understand that I'm not stupid, it's just that I don't understand ANY of the technical terminology!

As of a few hours ago I received a test email I sent to myself (WOW!!! -great news after several weeks!) but what about all my poor customers, both old and new from all over the country, who have no idea why I haven't responded to them? As I have no idea who tried to contact me to place an order during this time, I can't phone them back.

Question: Is email now becoming useless because of virus/spamming? Maybe we should go back to snail mail (post) or phone?

Surely there should be a better way to stop viruses/spamming than to block genuine emails? Will this greylisting work for any customer from anywhere who wishes to contact me?

All I want is for my webhost and ISP to provide me with the service that I used to have!

You haven't gotten any valid emails for a few weeks? Something is very, very wrong. You need to speak to your ISP for technical support.

-Lod

Thanks Lod,
.... I've contacted them numerous times over the past weeks (they always tell me it is #1 priority with them but they have STILL not been able to reestablish any email service to me via my website email addresses ... tests show I'm not getting ANY emails via my me@mywebsite addresses, but do get others via Gmail, etc. Ouch!!!Really bad for business!!!

QUESTION: Can I open a new webhosting account either with them or elsewhere and post the same website to it? I'm just wondering that if I did that, would I have a "clean sheet" to start again and maybe get my emails?

Can I call myself "FRUSTRATED & bewildered" by all these technical problems?

lodc Wrote:

bewildered Wrote:I'm am reading things here to try to understand what greylisting is and does as my web host just advised they have used it so that I can get "some" of my business emails.....

You haven't gotten any valid emails for a few weeks? Something is very, very wrong. You need to speak to your ISP for technical support.

-Lod

bewildered Wrote:Thanks Lod,
.... I've contacted them numerous times over the past weeks (they always tell me it is #1 priority with them but they have STILL not been able to reestablish any email service to me via my website email addresses ... tests show I'm not getting ANY emails via my me@mywebsite addresses, but do get others via Gmail, etc. Ouch!!!Really bad for business!!!

QUESTION: Can I open a new webhosting account either with them or elsewhere and post the same website to it? I'm just wondering that if I did that, would I have a "clean sheet" to start again and maybe get my emails?

Can I call myself "FRUSTRATED & bewildered" by all these technical problems?

lodc Wrote:

bewildered Wrote:I'm am reading things here to try to understand what greylisting is and does as my web host just advised they have used it so that I can get "some" of my business emails.....

You haven't gotten any valid emails for a few weeks? Something is very, very wrong. You need to speak to your ISP for technical support.

-Lod

It is hard to even guess at what has gone wrong here, but yes, you absolutely can switch providers and take your domain with you so long as you registered it yourself and you have control over the DNS. If you bought the domain from a registrar like Network Solutions or Dotster or Godaddy etc then you are not bound to any particular hosting provider.
It sounds like that might be a smart move if your current provider cannot resolve the email issue for you.

It is reasonable to expect a resolution to ANY email problem you have in a matter of hours, not days and definitely not weeks. You should be able to find a provider that can give you this level of service without much effort.

Good luck
-LodC