On Sun, Jan 02, 2005 at 03:31:38PM -0800, Thomas Bushnell BSG wrote: > Santiago Vila <[EMAIL PROTECTED]> writes: > > > I was just following your line of reasoning: > > > > "You cannot justify the bad things that happen as a result of your > > actions by saying that your goals cannot be reached without such bad > > things happening", where: > > > > action = greylisting > > bad things that happen = delayed email > > > > Try reducing the level of spam to a 1/10th without false positives > > and without delaying any email. > > You cannot justify graylisting by saying "but this is the only way to > stop spam!" You *can* justify it by comparing the costs against the > benefits. > > The worst case costs of well-implemented graylisting should be > something like a short delay in an email message; the worst case of a > false positive rejection can be much much worse indeed.
The worst case for graylisting is the same as a false positive: undelivered
mail. Yes, there are servers out there that are non-spam (like, for one
known example, at least one major airline's reservation notification
system) that don't attempt to re-send on a 4xx code.
Note that I'm not going to argue the merits of graylisting vs. other
methods, or the actual measured costs, except to point out that you can
implement *your* end of the protocol perfectly, in a way that shouldn't
cause any mor than a delay, and the other guy can still screw it up for
you.
O() notation is useful, but in the real world, one must always remember
that O(n) is n*k1+k2, O(n^2) is n^2*k1+n*k2+k3 - and the values of the
constants can potentially matter. A lot.
--
Joel Aelwyn <[EMAIL PROTECTED]> ,''`.
: :' :
`. `'
`-
signature.asc
Description: Digital signature
