On Jan 21, 2011, at 9:14 AM, Jerrale G wrote: > time at random intervals, usually a time more or less than a real, > "accredited" smtp server would wait before retrying delivery. So, we need a > postscreen_bare_newline_minwait and postscreen_bare_newline_maxwait, which > would be the minimum and maximum time a NEW client would have to wait before > reconnecting before it is considered an OLD, passed client by > postscreen_bare_newline. > > The idea is that spammers that wait too long to reconnect should be still > considered NEW instead of making them considered OLD by the bare_newline > cache and the spammers that try to reconnect too early, less than 2 minutes > or so, should still be considered NEW still, instead of OLD. >
I believe your behavior assumption of "real accredited smtp servers" will only work in low volume situations. In higher volumes, an MTA may wait the normal retry time of a particular deferred message, but may make a new connection for a new message. There is also an example of a clustered environment, where there could be multiple MTAs behind a NAT (for example, load balancing web services), making it look like random connections. Hope that helps, -will
