Anyone using zen.spamhaus.org?

Jim Holland mailscanner at mango.zw
Fri Sep 8 07:59:06 IST 2006


On Thu, 7 Sep 2006, Chris Sweeney wrote:

> Thats funny I have never had that problem.
> 
> Res wrote:
> > On Thu, 7 Sep 2006, Jim Holland wrote:
> >
> >> I haven't noticed hotmail doing that, but other large ISPs such as
> >> Yahoo,
> >> Gmail, MessageLabs etc seem to make only a single delivery attempt
> >> and if
> >> that tempfails they still return the mail to sender and don't try the
> >> secondary.  Very annoying!
> >
> > Hmmm I've never checked gmail, dont have/need an account there, 
> > thanks for the heads up

I had a specific problem with the above three ISPs because they all ignore 
the SIZE extension during the SMTP transaction.  Our system has very 
little bandwidth - 64K for our 2,500 users.  So we need to be very 
efficient, and set a 1.5 MB size limit on incoming mail.  However these 
three systems will happily attempt to deliver us messages of 10 MB or 
more.  Because they don't announce the size at the beginning, we can't 
tell them the message is too large until they have sent the full message.  
Which is a huge waste of bandwidth.

So I thought I would be clever and give them a 451 error when their
servers connected, so they would always be forced to use our secondary MX
which has far more bandwidth than we do.  I do that frequently when being
mailbombed by a system sending genuine mail (eg huge mailing lists) - they
then send the mail to the secondary from which I can collect it during
off-peak periods. However when I checked over the day that I tried to
implement this with Gmail, Yahoo and MessageLabs, there was no indication
that the mail we had tempfailed here from these three systems was being
resent to our secondary MX.  I quickly stopped doing it - and am still
left with the problem of how to block their annoying large messages.

Perhaps I have drawn too broad a conclusion about these ISPs from this
experience?  Perhaps an explicit 451 generated by us causes them to
respond differently than if they got a different kind of temporary failure
such as a timeout.  However if I am correct I would expect that
greylisting would not work with these systems for the same reason.

Regards

Jim Holland
System Administrator
MANGO - Zimbabwe's non-profit e-mail service



More information about the MailScanner mailing list