gpg: failed to create temporary file '/var/lib/lurker/.#lk0x56fcc100.hantslug.org.uk.10317': Permission denied
gpg: keyblock resource '/var/lib/lurker/pubring.gpg': Permission denied
gpg: Signature made Wed Apr 25 20:08:22 2007 BST
gpg: using DSA key 2099B64CBF15490B
gpg: Can't check signature: No public key
On Wed, Apr 25, 2007 at 07:39:49PM +0100, Tom Dawes-Gamble wrote:
> Hi,
>
> On Wed, April 25, 2007 5:56 pm, Andy Smith wrote:
> > On Wed, Apr 25, 2007 at 05:40:19PM +0100, Tom Dawes-Gamble wrote:
> >>
> >> On Wed, April 25, 2007 3:06 pm, Andy Smith wrote:
> >> > Just bear in mind it is not a panacea and has some quite serious
> >> > downsides.
> >>
> >> What are these serious downsides?
> >
> > First and foremost you have to tweak what you consider to be "the
> > same source" when looking for attempts from "the same source" --
> > large networks like gmail, yahoo!?!?!,
>
> Yes I use postgrey and it has rules to handle number of domains like that.
Having to manually find and add exceptions is not always very
scalable and is a requirement that did not previously exist before
greylisting was introduced. It could well be scalable for you and
me, but is it for everyone?
> > Basically you are intentionally slowing down email by rejecting it
> > temporarily. In an ideal world where everyone complies with common
> > internet practice this would introduce a ~10 minute delay, once.
> > However the real world is full of companies like NTL and Yahoo!?!?!
> >
>
> Yes it's not ideal. But then this is not an ideal world.
People need to give pause for thought before introducing deliberate
breakage, which was not evident in the thread up to that point.
> > so the drones will start to cope with tempfails; it's not hard. So
> > the whole idea has a very limited lifespan which reduces faster the
> > more people use it.
>
> Of course. But that is not really a down side.
That really depends on a number of factors including how much your
users will be affected by the breakage you introduce and how quickly
spammers will adapt to it. My point is it's a risk-reward analysis
which people should examine before doing it; when I commented in
this thread it was to people who were essentially claiming that
greylisting solved all their spam problems.
> I would say that well over 90% of the mail coming in to my mail server is
> spam. Since I started Grey listing my spam has become managable by hand.
>
> Yesteday I greylisted 199 emails 179 didn't retry. So I guess that was
> spam.
>
> In the two months or so I've been using it no one has had problem mailing
> me and none of the other users have complained of mail not getting though.
> In fact they have commented how wonderful the new system is.
None of the above invalidates anything I have said. Like I said, I
use it myself, in a limited fashion. All mail to andy@??? is
greylisted and has been for a long time, for example. But it is in
no way a drop-in solution.
> > There is still no FUSSP:
>
> No there isn't but that doesn't mean you shouldn't use what tools are at
> your disposal.
What it does mean is that whenever people say things like "I'm using
$TECHNIQUE and I get almost no spam now!" it doesn't mean that they
are not making some sort of trade-off, which may be significant or
unworkable in the specific case.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
My words are my own and do not represent Jacqui Caren.
