> I tried greylisting for two months on my primary mail server. I enjoyed
> the (slight) reduction in spam but I also couldn't live with important
> emails being deferred and not tried again. This is common with
> financial institutions, for exactly the same reasons they stamp things
> like "DO NOT FORWARD" on envelopes.
Sorry, but i think the last sentence is complete nonsense. A mail sender who
does not retry on a temporary deferral is broken, and there is NO excuse for
doing that. A temporary deferral is a completely different thing than a mail
forwarding. A more appropiate analogy might be a postal guy finding your
mailbox physically damaged (e.g. by vandals). In no way he will return your
mail to the sender, but take it back to the post office and try it on
another day.
But of course the reality is a world full of morons, developing and operating
mail servers which are not standards compliant and mail after all is such an
important thing that one should not try to fiddle with it when unnecessary.
In general i dislike greylisting because when i'm waiting for a mail, i need
it now, and not in 30-60 minutes.
> Now, where greylisting IS appropriate and very useful is on backup MX
> servers.
This does not consort with your observations. Because when a remote client
will choke on a temporary deferral and will return the mail, it will also do
so when it has to contact the backup MX (because the primary MX is down, and
thats what the backup MX is for).
In general it seems like a good practice to ensure that every (desired) mail
is accepted on the first try to have it inside the own domain. After all
thats the primary reason why someone operates a backup MX in the first time.
If i'm willing to depend on the ability of the remote sender to store the
deferred mail and retry it later, i don't need a backup MX.
Regards
Michael
--
It's an insane world, but i'm proud to be a part of it. -- Bill Hicks