Re: [exim] greylisted due fallback server

Author: John W. Baxter
Date:  
To: exim-users
Subject: Re: [exim] greylisted due fallback server
On 8/25/07 2:16 AM, "Leonardo Boselli" <leo@???> wrote:

> In sending to a list I noticed my messages were greylisted and delayed for a
> long time.
> It turned out that they used a system that refuses with a 4xx error any message
> the first time it arrives from an "unknown" server and after 5 minutes
> it begins to accept mail from that server.
> It did not work for me since in my setup I have:
>
> begin routers
>
> lookuphost:
> driver = dnslookup
> domains = ! +local_domains
> pass_on_timeout
> self = fail
> fallback_hosts = vettore.xxx.it
> transport = remote_smtp
> no_more
>
> smart_route:
> driver = manualroute
> domains = ! +local_domains
> route_list = * vettore.xxx.it bydns
> transport = remote_smtp
> no_more
>
> --
>
> This way, if for some reason the connection cannot be made the first time,
> the messages are passed to the server vettore, which is on a different
> network so it has different chances to connect.
> Unfortunately this is set up so vettore knows that if a message arrives at it
> it has passed a first try, so when it tries again it knows it is the second
> try and so the delay between the second and the third try is one hour.
> It happens that some messages bounced with 4xx are then passed to the
> secondary server, so the messages are tried the first time by the main server,
> after 5 minutes by the secondary server, and then each hour, three hours, etc.
> In this case it is possible that the greylisting count is reset so the
> message never passes!
>
> I contacted the administrator of the remote server and they replied that
> my server does not respect the RFC since after a 4xx it does not retry but just
> passes the burden to a different server, which in turn has a larger timeout.
> This is not clear to me. Is it true? I knew that timeouts are minimum,
> not maximum, and I never found an RFC saying that if a remote server
> says 4xx you can retry only with the same source address.
> Any answer? If I am wrong, how do I change the config file?
>
>
>


Your system would eventually get messages through our particular greylisting
system. The first try would time out, as it is never retried. The second
(overall) try would start a new sequence, and get a temporary failure. If
the third try (second try by the second server) is from the second server,
same IP, same <mail from:> [after some normalization we do], same recipient,
it would go through.

But greylisting implementations differ--the only way they are viable given
all the odd servers in the world is by providing for whitelisting.

--John
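
The sequence described in the reply above, replayed against a minimal triplet greylist (an added example, not part of the original message and not the code of either site). The IP addresses, mail addresses, the lowercase-only normalization and the `pending_ttl` values are assumptions; the 5-minute delay and the one-hour and three-hour retries come from the quoted message.

```python
MIN_DELAY = 5 * 60  # seconds before a retry is accepted ("5 minutes" in the quoted message)

class Greylist:
    """Triplet greylist keyed on (client IP, normalized MAIL FROM, recipient)."""

    def __init__(self, pending_ttl):
        self.pending_ttl = pending_ttl  # assumed: how long a triplet is remembered
        self.first_seen = {}            # triplet -> time of its first attempt

    def check(self, now, ip, mail_from, rcpt):
        """Return the SMTP reply code for one delivery attempt at time `now`."""
        # Assumed normalization: lowercase only; the real rules are not given in the thread.
        key = (ip, mail_from.lower(), rcpt.lower())
        # Forget triplets whose sender did not come back within the TTL.
        self.first_seen = {k: t for k, t in self.first_seen.items()
                           if now - t <= self.pending_ttl}
        seen = self.first_seen.get(key)
        if seen is None:
            self.first_seen[key] = now
            return 451                  # new triplet: temporary failure
        if now - seen < MIN_DELAY:
            return 451                  # retried too soon
        return 250                      # same triplet, retried after the delay

def replay(attempts, pending_ttl):
    """Feed (time, client_ip) attempts for one message through a fresh greylist."""
    gl = Greylist(pending_ttl)
    return [gl.check(t, ip, "leo@example.org", "list@example.net")
            for t, ip in attempts]

# Constructed timeline: main server once, then the fallback host after
# 5 minutes, one hour later, and three hours after that.
MAIN, FALLBACK = "192.0.2.10", "198.51.100.20"
ATTEMPTS = [(0, MAIN), (300, FALLBACK), (3900, FALLBACK), (14700, FALLBACK)]

if __name__ == "__main__":
    # Long TTL: the fallback's second try matches its own earlier triplet.
    print(replay(ATTEMPTS, pending_ttl=24 * 3600))
    # TTL shorter than the fallback's retry interval: every try looks new.
    print(replay(ATTEMPTS, pending_ttl=30 * 60))
```

With the short TTL every attempt is treated as a first contact, which is the "count is reset" case raised in the quoted message and the situation where the receiving site would need a whitelist entry.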