On Sat, May 10, 2008 at 10:39:59PM +0200, Heiko Schlittermann wrote: > Dean Brooks <dean@???> (Sa 10 Mai 2008 17:18:53 CEST):
> > >
> > > But this means that you're greylisting in your DATA acl (to get the
> > > message id). Didn't you experience problems with returning a 4xx there?
> > > I'm talking about serious operated MTAs being choked on 4xx after
> > > sending the final dot. (Despite the fact that some RFC allows 4xx at
> > > this point.)
> >
> > What kind of problems would you expect to see?
> >
> > We've been running greylisting in our DATA ACL for several years now
> > on a heavily loaded mail server and have never had any reports of problems.
>
> I expected clients (MTA) not expecting a 4xx after transmission of the
> data portion. And thus not resending the mail as expected.
Well, after running 4xx at end of DATA for 2 years now with
approximately 10,000 users, we've never run into a situation with a
client complaining about missing email.
Keep in mind, though, that greylisting is best performed only on
suspicious hosts (i.e. listed on RBL, missing PTR, etc), which is
likely one of the reasons we haven't run into problems.