On Thu, Aug 14, 2025 at 08:28:08AM +0100, Stuart Henderson via mailop wrote:
> With some implemwntations it is possible to do this and accept mail from
> conforming servers on the first delivery attempt (so not greylist-like
> at all really in that sense), so you can do "early talker" (aka pregreet
> delay) without the big problem greylisting has with retries from a
> sending system that uses multiple exit IPs for retries of the same
> email.

Yes, the multiple sender IP problem is the main downside of greylisting.
You can to some extent mitigate by explicitly allowing whatever known-multiple
domains publish in their SPF (see eg 
https://nxdomain.no/~peter/goodness_enumerated_by_robots.html
or tracked https://nxdomain.no/~peter/goodness_enumerated_by_robots.html) but
I have recently also seen such things as webshops that send their "confirm 
login" 
and "reset password" mail from hosts not listed in their SPF info.

So yes, everything *does* have a strictly nonzero error/failure rate.

- Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Reply via email to