We all know how greylisting works.. you're a mail admin too, I suppose.
Isn't greylisting too strict to also keep a list of mail addresses. Isn't a list with passing servers enough?
When a mailserver is configured correctly it will retransmit and that's all greylisting differentiates.
A pc that's infected will not retransmit, a server will retransmit even if a client in its network is infected.
So I think that as soon as a server passes the greylisting there is no use to keep a list from what email address to which email address the mail was send.
Or am I forgetting something?