Re: [exim] Greylisting - Chnging IPs

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Grant Peel
CC: exim-users
Subject: Re: [exim] Greylisting - Chnging IPs
On Wed, 2008-05-07 at 17:24 -0400, Grant Peel wrote:
> Hi all,
>
> I have recently implimented greylist on some of our servers, and am seeing a
> few domain, that return multiple IP address. How is that handled.


I'm not sure what you mean by 'return multiple IP address', or why it
should matter.

> I am also seeing a few (like telus.net) that resend mail from a different
> mail server than the original. How do we handle that?


It means that you shouldn't include the originating IP address as one of
the criteria for matching emails. I use {sender,recipients,message-id}.

I do also _store_ the sending IP address (and HELO name). When the same
mail is seen again later, that IP address and HELO are added to a 'known
resenders' list -- since they obviously retry sending mail, there's no
point ever greylisting mail from there again. It would just be a delay
with no real chance of any benefit.

I add the {IP,HELO} of the _original_ sender rather than the one which
does the retry -- that means we don't force people into their backup
delivery route for evermore.

http://david.woodhou.se/eximconf/include/acl-greylist-sqlite

> I have my accept time set to 2 minutes. Does anyone think thats too long?


That seems reasonable enough.

--
dwmw2