[Greylist-users] Whitelist entries and 4xx failure codes - Note to implementors

Frank Bax fbax at sympatico.ca
Mon Sep 27 11:24:26 PDT 2004


At 05:07 PM 9/21/04, Evan Harris wrote:
>After getting several whitelist submissions that I can confirm don't
>actually need a whitelist entry (based on my sites logs), I think I have
>narrowed down an issue/detail that may need attention from developers of
>alternate implementations.
>
>When doing the initial testing of my implementation, I tested the use of
>several different SMTP codes, and 451 was found to be the least problematic
>in that it caused the fewest number of problems with various sites.
>
>Some implementations appear to be returning an SMTP error code 450 or other
>4xx code rather than 451 which is what I used in relaydelay.  Some major
>sites (MSN/Hotmail and others) trying to deliver mail appear to try several
>times in a very short time period, and then bounce mail if they get a 450
>error code rather than a 451.
>
>The actual behavior varies by site, but since most sites that have undesired
>behavior have this pattern, my guess is that it is because a 450 is
>generally used for a mailbox lock failure, and is considered a failure that
>should be able to be resolved within seconds, and thus the short retry
>delay.  451 seems to be handled as a more generic temporary failure, and
>seems to produce the desired result much more often.
>
>So, if you're using or developing an implementation that uses an error other
>than 451, you might want to check into changing, or at least testing
>further.
>
>Evan


I am using OpenBSD greylisting implementation that uses 450 by default, but 
I can configure it to use 451.  My ISP provides secondary MX support and 
that machine does not implement greylisting at all.  I am finding that a 
significant volume of spam is arriving at mailboxes by using the secondary 
MX.  Am I likely to see a reduction in servers using secondary MX if I 
switch from 450 to 451?

Frank 



More information about the Greylist-users mailing list