I used to greylist and it helped a lot.
2FA killed that, however. When someone logs into a website, bank, etc.,
quite often they use an email address as the second factor - so for that
to work the email has to be delivered instantaneously. Also, most 2FA
does not follow any kind of SMTP standard; they will attempt delivery
once and not retry if it fails.
Once 2FA became a big deal for the banks I got far too many user
complaints on the greylisting to keep it.
Ted
On 5/6/2022 5:39 PM, Greg Troxel wrote:
I agree with what Grant said.
Also, I wonder how much greylisting would help, and if you were already
doing that. The data I posted is for a machine that already does
greylisting in general, with varying times depending on inclusion in
various RBLs and local data.
I find that delaying connections from unknown places even 2 minutes
helps a lot.