On Tue, 2023-02-28 at 12:31 +0100, Jaroslaw Rafa via mailop wrote: > > I do greylisting, and that's how I found out about the immediate > retries. I run postgrey with default setting which is 5 minutes, and > I often see in logs multiple retries within those 5 minutes, with > first ones being really almost immediate (15-30 seconds). I have no > other MXes, so I can't observe retries to other MXes, but I often see > retries FROM different IP address than the original attempt, which > count as new entries for greylisting, as greylisting works on triplet > (client IP address, sender, recipient). >
ONE immediate retry can be helpful. Since you mention postfix, the "accidental greylisting" caused by its deep protocol tests can be mitigated by sharing the postscreen cache across MX, even if one of them is simply an alias: https://www.postfix.org/POSTSCREEN_README.html#after_220 In those situations, the immediate retry will go through. (And FWIW I would suggest lowering the timeout on postgrey; spambots don't come back after a few seconds.) That doesn't help when the retries all come from different IPs though. That is indeed stupid. It's not surprising however given that most of those providers will loan you a consistent IP for a small fee. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
