Greylisting

portcullis

portcullis

Cape Connect Internet Rep
Company Rep
Joined
Oct 7, 2008
Messages
1,265
Reaction score
204
Location
Somerset West
We use greylisting on our email firewalls and have done so for years.

It's always worked very well.

These past couple of days I've noticed something strange going on in our logs. Mail from servers at saix is being greylisted. I'm not sure if they are using new servers or if the database records on our side have simply expired over time.

Either way, the servers sending the emails never resend them. As soon as our servers say "451 Please try again later." the other servers just give up.

Problem is that they aren't sending error messages back to the people sending the emails.

Result is that the senders think their emails have been delivered and the recipients are on our backs wanting to know what happened to their emails.

I could easily resolve the problem by disabling greylisting, but would then need to look at adding other anti spam measures - because greylisting works well for us.

Is greylisting still being used?
Has it been superceded with something else?

Why would saix just give up when confronted with a "451"?
 
Sheesh that's bad - and against RFC regulations which SAIX should be complying with!

I'll check with mine.
 
It is against RFC regulations.

All SMTP servers should retry until delivery have been acknowledged. So the onus is on SAIX to ensure their servers comply with the RFC regulations.
 
Frikkin Hell you're Right!

It seems to be OK at the moment.
I do notice a buggerup on the 29th where I have two messages that were not retried from a SAIX relay.

I will watch it closely for the next few days.
Thanks for the heads-up.
 
Last edited:
I've forwarded this thread to a contact of mine at SAIX, will let you know the feedback.
 
Its generally pretty safe to skip greylisting for all the servers listed at wl.org.za.

You can integrate it into your mail server config in a very similar way to how RBLs are handled - its very effective in ensuring legitimate mail is not rejected. :)
 
Jaco from SAIX has contacted me and we've been working on this.

These guys are actually doing an amazing job when you think that they are shifting in the region of 8 million messages a day and that those messages contain 3TB of data.

We still don't know why the SAIX servers in question are being greylisted, but I'm adding them to my white list to stop this happening in the future.
 
i am encountering something similar I have 2 domains A and B both are on the same server and both use the same exchange.

However since about Wednesday E-mails from SA sent to domain A are not going getting delivered, however the sender thinks that the message as been sent, (same as above), if a e-mail is sent from Gmail or another smtp out side SA the e-mails are getting though.

However emails sent to Domain B are going though fine.

Could this be related ??? how could i resolve it, since i don't have much more that Plesk access to the servers.
 
gboy said:
i am encountering something similar I have 2 domains A and B both are on the same server and both use the same exchange.

Could this be related ???
Click to expand...

No. If both domains are useing the same server then that server is not greylisting. (unless you have some way of switching it off on a per domain basis which I doubt since it's effectivly 1 smtp server so it's either on or off).

Greylisting purposely drops the connection (faking an error) and forcing the sending server to retry.This stops 95% of all spam before it even gets to the spam filter as virus infected pc's and spam drones don't bother retrying failed deliveries - saves bandwidth too.
 
Last edited:
they seem to be pointing to the same box, so it seems that we are at square on again. thanks for the suggestions.
 
Last edited:
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X