Difference between revisions of "Quorum.to"
(Slightly better layout)
|Line 1:||Line 1:|
Revision as of 00:56, 28 October 2012
I first heard from quorum.to when running my mail hosts through DNS BL lists (Blacklist Alert, MultiRBL vallidator, and Multi-RBL Check). They were not listed, but I noticed the a warning at the quorum.to service ("FRESH: TEMPFAIL (ask sender to retry later)"). Curiously, I clicked the link and was welcomed with a message:
- 18.104.22.168 not in database
- The specified host never sent mail to a quorum.to member site. Host will be added to the database and checked when it sends mail to a member mail host. To register this host with quorum now, send a message FROM IT to:
Curiously, I decided to send a mail to the specified mail address from my host. Here is the exact SMTP exchange that took place:
> ehlo fdijkstra.students.os3.nl < 250-probe.quorum.to < 250-PIPELINING < 250-ENHANCEDSTATUSCODES < 250-8BITMIME < 250 DSN < PIPELINING < ENHANCEDSTATUSCODES < 8BITMIME < DSN > mail FROM:<firstname.lastname@example.org> < 250 probe server > rcpt TO:<email@example.com> < 550 OK NEXT FOLLOW THIS LINK: http://www.quorum.to/q/8f6G253PxCdLyUsb4czUr5FkZgeRZGYHUIxQ5QD_AAA= > rset < 250 probe server
Interesting... A 550 response (meaning "This mailbox does not exist") with a URL. Well, maybe they have enough about the above. For one thing, it can look up the SPF record of macfreek.nl and see that this IP is indeed allowed to send email with this sender.
So I went to the specified URL, and got a status saying my message was being processed, which should take 2 minutes at most. Odd, I never got to send an actual message.
Fast forward 2 minutes later. After a reload, the web page is now displaying:
- 22.214.171.124: Mail rejected automatically (127.0.0.2)
- This host's status was updated < 2 minutes ago.
- No further updates are possible at this time.
- Host Details
- Discovered:< 2 minutes ago
- Updated:< 2 minutes ago
- Name:fdijkstra.students.os3.nl.: confirmed
- Network: students.os3.nl.
Hey, wait a minute! A 127.0.0.2 ("BLOCKED: Reject mail.") means I'm just being added as a spam record. Not funny.
Let's see if registration brings more. Register, I get a email with password... dated as send 4 days ago (apparently someone's server clock is seriously off.)
Registration didn't help, but after 30 minutes I visited to original page again, and lo-and-behold, I could request authorisation of the IP address, which I promptly did. Now the IP is listed on the white-list instead of the black-list. Great!
Well, my first impression isn't a very good one. IP got blocked for unknown reasons, and it is unclear what I should have done instead. Inactive forum at http://www.quorum.to/discuss.html (most active member was listed as having one posting). Server time is off by four days. Noting serious, perhaps it's just me who doesn't get it.
After examinging the nice architecture picture, things are still unclear. It seems that boths sender and recipient can make a claim about a domain, and the idea is that if many people lay trust in a system, the majority vote (the quorum) counts if the sender IP is trustworthy or not. Nice idea, but it is completely unclear to me how to vote. I created a log in, and also tested a few other IP addresses. One of them was also blocked (127.0.0.2 result), and it was not clear to me how to remedy that.
While the ideas of Julian Haight (create of quorum.to) may be good, the implementation leaves to be desired in my opinion. Given that I easily got myself blacklisted while trying to oposite makes me wonder if there are more false positives like that. The conclusion: I wouldn't want to base my anti-spam system on quorum.to.
Finally, I think that quorum is a bit outdated. Given that there are now many more realtime blacklist DNS servers, which base their decision on [tens of servers and thousands of emails], all automatically checked and verified, quorum.to seems like a tortoise to a hare. For one thing, spammer have a habit of changing IP addresses quickly and using botnets to make spam runs. A system which react by manual intervention seems too slow to keep up with actual spam.