Greylisting numerous times
Problem reported by Jay Altemoos - May 2, 2017 at 7:47 AM
Submitted
Good morning everyone. Has anyone had issues with the Greylisting feature in SM? We are running SM Enterprise Version 15.5.6284. Basically what appears to be happening is email addresses are getting Greylisted numerous times before they are being delivered. A client of ours called yesterday about an email they were waiting for that took 2 hours to get delivered to them. We have our Greylisting set up to set the block time to 1 minute and the Pass period is set to 360 minutes. So from my understanding, a new email address will be essentially told to resend after 1 minute. So if the mail server adheres to that time frame it has up to 6 hours to resend it again. So with that said, checking my logs files I found that the sending mail server waited 15 minutes to resend the message but was Greylisted again and the process repeated for about 2 hours. Then after the 2 hour mark the message went through fine with no further Greylisting. The problem here that I see is that it seems Greylisting is broken and does not honor the settings I have set. Anyone else have this same issue? i emailed support already on it and for now I disabled the Greylisting on this customers domain.

9 Replies

Reply to Thread
0
David Jamell Replied
OK, I've got to ask the obvious question. Are you sure that the server is always sending from the same IP Address?
0
Jay Altemoos Replied
You know looking through the log again, no it was 4 different IP's each time. Looks like this particular sender is using Outlook.com. So I am guessing that the greylist looks at the IP instead of the sending email address. Which partially makes sense but, in this case where a user uses a online hosting solution like GMail or Outlook.com they have several servers, so the IP will change a lot. Probably due to load balancing. So with that in mind, this is probably going to be a continuing problem and only going to get worse. Great.
0
echoDreamz Replied
Unfortunately there is a major issue as you've found with the Greylisting system. We have customers who have cancelled and moved on due to the massive delays with systems such as gmail, outlook etc. Eventually we found all of Google's IPs and whitelisted them from being greylisted since it seems it is just infinite loop of greylisting with massive ISPs like Google.

Christopher

0
Jay Altemoos Replied
Same issue would happen with Outlook.com. So it seems either deal with the delayed emails or turn off Greylisting all together since you are going to whitelist a huge amount of IP's anyways between Google, Microsoft, Yahoo, AOL, etc. So why even have Greylisting in the first place? I have a big decision to make about this situation. On one hand I want to protect our customers, but on the other hand I also don't want to inconvenience them with having to wait for an email for 2 hrs. Especially since some of those emails might be time sensitive.
0
echoDreamz Replied
Yes. We had a client who was very upset that he missed a job offer by several hours (about 3) because of the greylisting. Customers who were using services that email authentication codes that are valid for ~30 - 60 minutes were being screwed over because the sender used Amazon SES which of course has thousands of IPs.

Eventually we completely disabled greylisting, because, as you said, too many IPs to manage.

Greylisting needs to be reworked to identify the sender for cases like this. Though I can see faults with this as well.

Christopher

0
echoDreamz Replied
https://www.sss.co.nz/news-and-updates/greylisting-and-the-problem-with-google-mail-servers/ There are many articles about this as well.

Christopher

0
Matthew Leyda Replied
We use a scrip for Mighty Blue to extract a List of IP's from SPF records and put the in a whitelist. This has worked well for us. You can get it here: http://www.mightyblue.com/products.php?pid=5
Here is the list we currently import. Hosts_To_Check=apple.com,aol.com,google.com,live.com,paypal.com,dstwaterjet.com,nwmls.com,craigslist.org,ebay.com,msn.com,topproducer.com,usaa.com,becu.org,wf.com,amazon.com,mailchannels.net,myalaskaair.com,outlook.com,wahbexchange.org,frontier.com,eNom.com,comcast.net,edwardjones.com,ssa.gov,usps.com
Kendra Support
http://www.kendra.com
support@kendra.com
425-397-7911
Junk Email filtered ISP
0
echoDreamz Replied
While interesting, it is not a good solution. These providers can change their records, add to them, remove etc. As well as having to restart the service is really a no go. SmarterMail takes over 25 minutes to start for us.

Christopher

0
echoDreamz Replied
My other question is why it uses the ipAccess.xml file instead of the greyListBypass.xml.

Christopher

Reply to Thread