lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 8 May 2007 00:19:15 +0300
From:	Matti Aarnio <matti.aarnio@...iler.org>
To:	linux-kernel@...r.kernel.org
Subject: Re: gmail is a bit too popular..

On Mon, May 07, 2007 at 10:18:21PM +0200, Willy Tarreau wrote:
> On Mon, May 07, 2007 at 05:55:55PM +0300, Matti Aarnio wrote:
...
> > The  gmail  is so popular, that with their somewhat rudimentary 
> > inbound MTA software this kind of recipient masses take horrible
> > time to feed in...  Mere 0.5-0.7 seconds per recipient, but..
> > 
> > So far we have tried to feed all recipients in one go per
> > message - that is sending 2100  RCPT TO -lines in one swoop,
> > and the system has taken some 15-25 minutes per message to
> > feed it to gmail.  We are running the delivery 20 streams in
> > parallel, so it isn't quite as bad as it sounds..
> > 
> 
> I suspect they behave like that on purpose to fight spam.

No.  VGER is on the extreme outer edge of things, only very few
legitimate systems have a need to send this much recipients for
each and every message.  Some small list with perhaps 10 subscribers
at gmail notice nothing.  Not even with 100 subscribers, but soon
after that the sending list sysadmin may notice something...

Comparing with spammers - message content analysis (ever so difficult
thing anyway) is _easier_ per recipient when we are sending 100
recipients for each DATA-dot body.  It is 1/100:th cost per recipient
compared to "send one RCPT for each body".  We could send all 2100
recipients if systems could negotiate such raised limit (there is
no standardized way, just one private ad-hoc,) and do the recipient
acceptance analysis fast enough so that PIPELINING-mode would really
gain benefits.

> If they implemented pipelining, it wouldn't help them.

It would not hurt them either.  Just help us very few who
are at this extreme outer edge of things..

Lightspeed delay (ping) is about 160 ms, so there is still some
300-600 ms that the gmail system is munching somewhere per recipient..

Anyway, VGER is now tuned so that the delivery delay stays usually
under about 1 hour per message to gmail.

....
> Willy

  /Matti Aarnio
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ