[geeks] ADMINISTRIVIA: Changes to mail delivery policies

David Cantrell david at cantrell.org.uk
Wed Mar 13 06:21:26 CST 2002


On Wed, Mar 13, 2002 at 02:12:39AM -0500, Greg A. Woods wrote:

> I just want to point out that your choice of 24 hours is very bogus on
> at least two fronts, and also tell you I'm not the only one saying so.
> 
> Large parts of the Internet can be easily and regularly cut off from the
> rest of the net for even a full long weekend.  All the net is not in the
> USA (and even there the number of back-water leaf nodes on the net is
> very large).  "All our base do NOT belong to you!"

Off the top of my head, I can't think of a single person whose mail servers
are liable to die for a full day.

> Secondary MX hosts are very rare and increasingly so.

Tough shit.  Not having them is mad.

>                                                        It is impossible
> to run a secure MTA with a secondary MX that you do not control

It is impossible to run a secure MTA full stop.  It *is* possible to run a
sufficiently secure MTA, and I don't see why having a secondary MX outside
my immediate control changes that.  As it happens, my own secondaries,
whilst outside my immediate control, are controlled by people I trust to
not be Really Stupid.  I imagine that applies to just about everyone
interested in posting to a sunhelp.org list.  And if there's anyone here
who doesn't have a secondary MX, I'm sure if you ask nicely enough someone
will be willing to help out.

>                                                                 so even
> if people do have secondary MXers then they will likely both become
> unreachable when connectivity fails since they'll both be sitting
> topologically side by side on the very same logical IP network.

That would be just plain stupid.  My own secondaries are all at least ten
miles from my primary, on separate logical and physical networks.
Admittedly, the secondary for cantrell.org.uk is run by my ISP so if they
die completely, my mail dies, but then, if they die, I have more important
things to worry about than dropping off a mailing list or two.  The
secondaries for my other domains are on different continents, so my mail
(and my DNS) is proof against an asteroid strike even if I'm not :-)

> Your decision is not just contrary to good common sense given these very
> real circumstances -- it's also contrary to the guidelines in the newly
> proposed SMTP standard as documented in RFC 2821:
> 
>    Retries continue until the message is transmitted or the sender gives
>    up; the give-up time generally needs to be at least 4-5 days.
> 
> (In RFC speak that's the equivalent of a _very_ strong "SHOULD".)

It says GENERALLY.  This is a special case.

> > Yes, I'm turning into a mail BOFH.  If you don't like it, you can unsubscribe,
> > or start paying for my bandwidth.  8-)
> 
> The retries (normally just three tiny SYN packets each) for 5 days
> backlog for a few unreachable sites are not going to even be a tiny
> pixel on your bandwidth graph ...

True. But you still have the issue of retries still happening even after
someone has been unsubbed.

-- 
David Cantrell | david at cantrell.org.uk | http://www.cantrell.org.uk/david

       The Americans will always do the right thing...
       after they've exhausted  all the alternatives.
                                  -- Winston Churchill


