[Greylist-users] Too many "false positives" !?!

Jim Wright jim at wrightthisway.com
Sun Nov 20 14:32:38 PST 2005

On Nov 20, 2005, at 6:35 AM, orinoco wrote:

> Within two days I got so many "false positives", 1st rejected by
> greylisting and then the remote MTA does not retry to deliver the mail
> for hours, for days ... even major providers like web.de do only try
> once and then generate a delivery error.

One would think that a major provider would not operate broken  
servers, but this isn't always the case.  There are a good many  
reasons for a message to be temporarily undeliverable, and dropping a  
message on the first bad attempt is just bad business, not to mention  
a violation of RFC standards.

> That does not correspond with the promises on several wesbites  
> claiming
> almost no false positives from greylisting. Didn't they counter-check?
> Are there so many non-RFC-compliant MTAs out there? Or what's going
> wrong here?

I normally watch my logs closely, and attempt to contact any server  
owners that have misconfigured servers, there are a lot of folks out  
there that just don't know any better, and have no clue what they are  
doing.  A little education can go a long way.  I usually copy  
whatever contacts I can find for a particular domain, including what  
IT contacts I can find.  I also let the customer who's mail was  
rejected know that they're using a poorly configured service, just so  
they know who's fault the problems are.

> It's an underdog job to check for false positives, not to mention
> repairing the communication damage.
> And I can't whitelist all innocent non-RFC-comnpliant MTAs on the  
> world.

There are several good whitelists out there as a starting point, in  
my experience most of the bad servers are ones I don't need to  
receive mail from anyway.

> Additionally some web-mail providers like hotmail hide the greylisting
> error message from their customers, generating a delivery failure
> message of their own, if they notify at all.

I've never had an issue greylisting Hotmail mails.  Their servers do  
seem to retry normally.

More information about the Greylist-users mailing list