[Greylist-users] some comments on spamd

Toni Ericsson toni.ericsson at avc.nu
Tue May 31 14:27:06 PDT 2005 

Running a gate that does 170 kmails/day
I've seen quite a bit of this myself.

>From my experience the following mailers
will exhibit non RFC compliant behavior:

Quickmail Pro (earlier versions, 3.5x claim to have it fixed)
Groupwise

Some appear to generate error messages back to the
sender while still processing the mail correctly (e.g MDaemon).

Also try to avoid extended code 4.7.1 as several mailers
seem to misinterpret it. Explicitly recommended by sendmail as well.

I currently use the fluffy 450 4.2.0 combination. Most mailers
seem happy with that.

Do not use a 421 code as has been suggested in some newsgroups.
If you haven't had problems before you're gonna run into big problems
with any 42x code.

In addition to the above I certainly have seen some very bizarre
behavior
from the mail servers of some ISP:s (retries in 4 then 8 hours). There 
can also be issues related to mailfarms and fallback servers that
influence this. 

I use milter-greylist. The only one I found that seemed to have features
to address all of the above peculiarities. Highly recommended.

Toni


-----Original Message-----
From: Ronald Oussoren [mailto:ronaldoussoren at mac.com] 
Sent: den 31 maj 2005 21:28
To: Greylisting Users and Developers Discussion
Subject: Re: [Greylist-users] some comments on spamd


On 31-mei-2005, at 20:41, A.L.Lambert wrote:

>> Do you, or anyone else, have any indication on the amount of false
>> positives with greylisting? I've disabled greylisting on a site  
>> because
>> several people complained that their mail didn't get through. It  
>> seems
>> that some mailers are confused by a 4xx result at an unexpected  
>> location
>> and drop that e-mail.
>>
>> That is of course a bug in the sending MTA, but I find disappearing
>> e-mail highly disconcerning even if it is only a very, very tiny   
>> fraction
>> of all e-mail.
>>
>> If it weren't for those disappearing e-mail I'd never disable   
>> greylisting,
>> we also got a 90+% decrease in the amount of incoming spam and e-mail
>> virusses.
>>
>
>     Are you 100% positive sending mailers were 'dropping' the  
> messages in
> question without making any kind of bounce?   I run greylisting on a
> variety of servers (one of which crunches about 60,000 real  
> deliveries a
> day, not counting a few hundred thousand rejects), and I've had 0
> confirmed reports of lost mail that never generated a bounce of some
> kind.   I've had some user complaints stating that, but all of them
> turned out to be user errror or some kind.

I'm not 100% sure. What I saw was that a mail got rejected (4xx error)
on the first try and that the sending MTA never retried. The sending
user claimed that he never got a bounce message from his MTA. I've seen
this on several occasions.

At least one one sending MTA bounced messages when it got greylisted,
the end-user faxed me the bounce message.

BTW. I am (or rather was) using postgrey with postfix.

Luckily this site doesn't get that much spam, IIRC we're getting less
SPAM than regular messages, and the SPAM filter is keeping most of that
out.

Ronald

More information about the Greylist-users mailing list