On Tue, 2006-12-26 at 12:29 -0700, Chad Leigh -- Shire.Net LLC wrote:
> I set up two low priority MX hosts that are virtual hosts
> on the same machine as the normal mailhost. These lower priority
> ones automatically defer everything that hits them. [...]
>
> I do greylisting use Marc Merlin's sa-exim with his greylisting
> module added.
this will break when the sending server uses Exim...
here's the scenario:
* server sends message to A (highest MX priority), and is defered
due to greylisting.
* server now tries to send message to B (lowest MX priority) which
always defers.
* server notes that B defers in retry database
* some time later, it retries A, and it is successful.
repeat this for some time. eventually you get this:
* server sends message to A, and is deferred due to greylisting.
* server tries B, which defers. it looks in retry database, sees
that B hasn't worked for a long time, and BOUNCES THE MESSAGE
IMMEDIATELY.
there are two ways to solve this:
1. A should whitelist all servers which make successful deliveries,
and *never* clean the whitelist. as soon as even *one* message
is deferred by A, the retry rule for B may hit and cause a
bounce.
2. don't use greylisting and "always deferring MX" together.
either is fine, but combining them causes weird behaviour.
there isn't really any point to it, anyway.
--
Kjetil T.
