On 01/18/2011 12:31 PM, David F. Skoll wrote:
On Tue, 18 Jan 2011 22:18:20 +0000
Gary Forrest<ga...@netnorth.co.uk> wrote:
Interesting 2 of our 3 scanning heads use a grey list system that
uses /32 addresses as part of the process, these two servers have
100's of emails delayed for well over a day. Our 3rd scanning head
uses a grey list system that is less granular /24 , this does not.
Ah, I should mention that we use a /24 for greylisting for IPv4 and a
/64 for IPv6. On the other hand, we also add a hash of the subject
into the greylisting tuple so it becomes:
I recently gave up entirely on greylisting after:
* Last week I discovered /24 was not good enough for redelivery attempts
at one major ISP. All mail from that ISP was failing for the past month
except in rare cases where randomly the same /24 attempted delivery
within the time window.
* Years of complaints of mail delivery delays or failures from my users.
They had began creating gmail accounts in order to bypass. They kept
running into too many cases of broken individual mail servers (major
companies!) who failed to redeliver.
Users don't care about "so and so is violating RFC-XXX". They are
trying to get business done and it was simply causing too many problems.
Warren
