Autor: Paul Fecha: A: exim-users Asunto: [exim] Funny and sad side of grey listing when they have multiple
MX...
This is not a problem with exim - but others may notice it in their
logs, and since I did not immediately twig to the cause, I thought I'd
post it on this list to help others...
On a routine trawl through my logs, I noticed one of the sites regularly
sent to is now greylisting - so far so good, exim doesn't care and
beyond that it uses more of my resources for each message neither do
I... but now for the funny bit - initially I thought the exim retry
mechanism was broken (it isn't) because there was an (almost) instant
retry on the temporary failed delivery... then I worked out why - take a
look at this log below (email addresses altered to protect the guilty).
Initial try fails because of grey listing
2006-01-28 19:02:13 1F2l24-0000rB-2E SMTP error from remote mail server
after RCPT TO:<abc@???>: host vscan2.hotkey.net.au
[202.138.0.45]: 450 <abc@hotke
y.net.au>: Recipient address rejected: Policy Rejection: Hotkey
Greylisting in progress ... Please try again after 2 minutes
A subsequent try, almost immediately - this is what made me think my
retry config was wrong
2006-01-28 19:02:19 1F2l24-0000rB-2E SMTP error from remote mail server
after RCPT TO:<abc@???>: host vscan3.hotkey.net.au
[202.138.0.46]: 450 <abc@hotke
y.net.au>: Recipient address rejected: Policy Rejection: Hotkey
Greylisting in progress ... Please try again after 2 minutes
And another subsequent, try, again, almost immediately
2006-01-28 19:02:20 1F2l24-0000rB-2E == abc@??? R=dnslookup
T=remote_smtp defer (-44): SMTP error from remote mail server after RCPT
TO:<abc@???
u>: host vscan1.hotkey.net.au [202.138.0.44]: 450 <abc@???>:
Recipient address rejected: Policy Rejection: Hotkey Greylisting in
progress ... Please try again af
ter 2 minutes
Then of course I realised why - the network hotkey.net.au has three MX
hosts at 202.138.0.45, 202.138.0.46 and 202.138.0.44.
This blew me away - what is the point of providing redundancy and
scalability via MX, then those hosts each separately decide not to talk
to you because of grey listing.
Perhaps people doing grey listing should only have the one MX?
I guess this is just another example of why grey listing is anti social
- thankfully I'm not paying by data volume (many people in Australia
still do) or I'd be more annoyed.
I sent a message to the postmaster of the site and he had not realised
it worked that way (I was surprised he answered - very rare for anyone
to answer a postmaster message these days) - all he has done is
whitelist my domain in whatever software he uses - good for me, but
still poor for everyone else.