On Wed, 2008-05-07 at 17:24 -0400, Grant Peel wrote:
> Hi all,
>
> I have recently implimented greylist on some of our servers, and am seeing a
> few domain, that return multiple IP address. How is that handled.
I'm not sure what you mean by 'return multiple IP address', or why it
should matter.
> I am also seeing a few (like telus.net) that resend mail from a different
> mail server than the original. How do we handle that?
It means that you shouldn't include the originating IP address as one of
the criteria for matching emails. I use {sender,recipients,message-id}.
I do also _store_ the sending IP address (and HELO name). When the same
mail is seen again later, that IP address and HELO are added to a 'known
resenders' list -- since they obviously retry sending mail, there's no
point ever greylisting mail from there again. It would just be a delay
with no real chance of any benefit.
I add the {IP,HELO} of the _original_ sender rather than the one which
does the retry -- that means we don't force people into their backup
delivery route for evermore.
http://david.woodhou.se/eximconf/include/acl-greylist-sqlite
> I have my accept time set to 2 minutes. Does anyone think thats too long?
That seems reasonable enough.
--
dwmw2
