Quorum.to

From Exterior Memory
Jump to: navigation, search
This article represent the personal opinion of Freek Dijkstra. It was written in October 2012. Remember that opinions may change over time, and this article will likely not cover a topic in detail. Modification by third parties is disabled. If you do not have your own website and really like to leave feedback, do so on the discussion page.

First Experience

I first heard from quorum.to when running my mail hosts through DNS BL lists (Blacklist Alert, MultiRBL vallidator, and Multi-RBL Check). They were not listed, but I noticed the a warning at the quorum.to service ("FRESH: TEMPFAIL (ask sender to retry later)"). Curiously, I clicked the link and was welcomed with a message:

145.100.102.7 not in database
The specified host never sent mail to a quorum.to member site. Host will be added to the database and checked when it sends mail to a member mail host. To register this host with quorum now, send a message FROM IT to:
register.2439276039@probe.quorum.to

Curiously, I decided to send a mail to the specified mail address from my host. Here is the exact SMTP exchange that took place:

> ehlo fdijkstra.students.os3.nl
< 250-probe.quorum.to
< 250-PIPELINING
< 250-ENHANCEDSTATUSCODES
< 250-8BITMIME
< 250 DSN
< PIPELINING
< ENHANCEDSTATUSCODES
< 8BITMIME
< DSN
> mail FROM:<postmaster@macfreek.nl>
< 250 probe server
> rcpt TO:<register.2439276039@probe.quorum.to>
< 550 OK NEXT FOLLOW THIS LINK: http://www.quorum.to/q/8f6G253PxCdLyUsb4czUr5FkZgeRZGYHUIxQ5QD_AAA=
> rset
< 250 probe server

Interesting... A 550 response (meaning "This mailbox does not exist") with a URL. Well, maybe they have enough about the above. For one thing, it can look up the SPF record of macfreek.nl and see that this IP is indeed allowed to send email with this sender.

So I went to the specified URL, and got a status saying my message was being processed, which should take 2 minutes at most. Odd, I never got to send an actual message.

Fast forward 2 minutes later. After a reload, the web page is now displaying:

145.100.102.7: Mail rejected automatically (127.0.0.2)
This host's status was updated < 2 minutes ago.
No further updates are possible at this time.
Host Details
Discovered:< 2 minutes ago
Updated:< 2 minutes ago
Name:fdijkstra.students.os3.nl.: confirmed
Network: students.os3.nl.

Hey, wait a minute! A 127.0.0.2 ("BLOCKED: Reject mail.") means I'm just being added as a spam record. Not funny.

Let's see if registration brings more. Register, I get a email with password... dated as send 4 days ago (apparently someone's server clock is seriously off.)

Registration didn't help, but after 30 minutes I visited to original page again, and lo-and-behold, I could request authorisation of the IP address, which I promptly did. Now the IP is listed on the white-list instead of the black-list. Great!

Conclusion

Well, my first impression isn't a very good one. IP got blocked for unknown reasons, and it is unclear what I should have done instead. Inactive forum at http://www.quorum.to/discuss.html (most active member was listed as having one posting). Server time is off by four days. Noting serious, perhaps it's just me who doesn't get it.

After examinging the nice architecture picture, things are still unclear. It seems that boths sender and recipient can make a claim about a domain, and the idea is that if many people lay trust in a system, the majority vote (the quorum) counts if the sender IP is trustworthy or not. Nice idea, but it is completely unclear to me how to vote. I created a log in, and also tested a few other IP addresses. One of them was also blocked (127.0.0.2 result), and it was not clear to me how to remedy that.

While the ideas of Julian Haight (create of quorum.to) may be good, the implementation leaves to be desired in my opinion. Given that I easily got myself blacklisted while trying to oposite makes me wonder if there are more false positives like that. The conclusion: I wouldn't want to base my anti-spam system on quorum.to.

Finally, I think that quorum is a bit outdated. Given that there are now many more realtime blacklist DNS servers, which base their decision on tens of servers and thousands of emails, all automatically checked and verified, quorum.to seems like a tortoise to a hare. For one thing, spammer have a habit of changing IP addresses quickly and using botnets to make spam runs. A system which react by manual intervention seems too slow to keep up with actual spam.