greylisting with backup MX server
Hi.  I have a local SMTP receiver in Melbourne Australia and a backup MX server in Virginia USA.

Is it a requirement that these servers share their greylisting databases?

I am seeing some MTAs send email to one server and get a temporary rejection 451 then send to the other server and get temp rejection 451 there too. They do not try again.

Most MTAs work fine.
Any ideas? Thanks.
yeti Wrote: Hi. I have a local SMTP receiver in Melbourne Australia and a backup MX server in Virginia USA.

Is it a requirement that these servers share their greylisting databases?

I am seeing some MTAs send email to one server and get a temporary rejection 451 then send to the other server and get temp rejection 451 there too. They do not try again.

Most MTAs work fine.
Any ideas? Thanks.

This can sometimes be a problem, but sharing the databases won't change anything in the scenario you mention... The sender tries server A; now it is greylisted with some timeout. Now it talks to server B... well, either server B creates a new greylist entry with its own timeout, or it references the existing one just created by server A. Either way, the sender gets two temporary fails.

Sending servers that behave this way do not correctly implement SMTP (or have been configured in a way that violates the RFCs). The thing is, even if a broken sender does give up on a message before the greylist entry times out, the sender will be given an NDR and the next time they send a message, it will generally be automatically accepted due to the previous delivery attempt on the original message. So in reality, this rarely is a real problem on any of the servers I maintain.
Thanks lodc,
I ended up setting up database sharing, and it is working very well partly because as you say, it would anyway.

I used Rhyolite Software's dccd with greylisting and greylist flooding between the MX servers.

Having monitored it carefully for a few days, I've now totally forgotten about it. It just works.

Occasionally someone would tell somebody that they had just sent an email, and that somebody would wonder why he hadn't seen it yet and then he'd remember that we're using greylisting.

It just works.  
Does it really matter if you use 2 separate databases? I've got a setup running with 2 separate databases and it looks like it is working all right. But I'm wondering: if the second server does not receive the delayed resend, will it classify the sender as spam and blacklist it?
In order to minimise the impact of greylisting on legitimate email, you want to minimise greylisting delays. It obviously helps if each of your servers can learn from the experience of the other server. That's why I share the database.

(10-17-2008 10:01 PM) Richard5 Wrote: Does it really matter if you use 2 separate databases? I've got a setup running with 2 separate databases and it looks like it is working all right. But I'm wondering: if the second server does not receive the delayed resend, will it classify the sender as spam and blacklist it?
As I'm new to greylisting what are good settings for these parameters that you can set. I currently have them set to the defaults. Reconnect delay of 5 minutes and max reconnect time of 24 hours.
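
The shared-versus-separate database question discussed in this thread can be checked with a small simulation. This is an added example, not part of any post and not the code of any greylisting product; it assumes the usual (client IP, sender, recipient) triplet as the key, uses the 5 minute and 24 hour defaults quoted above, and all addresses and times are constructed.

```python
RECONNECT_DELAY = 5 * 60        # "reconnect delay of 5 minutes" (thread default)
MAX_RECONNECT = 24 * 60 * 60    # "max reconnect time of 24 hours" (thread default)

# Constructed sample triplet (documentation IP range and example domains).
TRIPLET = ("192.0.2.10", "alice@example.org", "bob@example.net")


def rcpt(db, triplet, now):
    """Return the SMTP code one MX gives for this triplet at time `now` (seconds).

    `db` maps triplet -> time first seen. Hypothetical minimal model:
    no whitelisting after a pass, no per-network matching.
    """
    first = db.get(triplet)
    if first is None or now - first > MAX_RECONNECT:
        db[triplet] = now          # new or expired entry: start the clock
        return 451
    if now - first < RECONNECT_DELAY:
        return 451                 # retried too soon
    return 250                     # waited long enough: accept


def simulate(shared, attempts):
    """Run a sender's delivery attempts against MX 'A' and 'B'.

    attempts: list of (time_in_seconds, mx_name).
    shared:   True if both MX servers use one greylist database.
    """
    db_a = {}
    db_b = db_a if shared else {}
    dbs = {"A": db_a, "B": db_b}
    return [rcpt(dbs[name], TRIPLET, t) for t, name in attempts]


# Case 1: sender tries A, then immediately B (the behaviour in the first post).
BOTH_AT_ONCE = [(0, "A"), (1, "B")]
# Case 2: sender tries A, then its retries 10 and 20 minutes later land on B.
RETRY_ON_BACKUP = [(0, "A"), (600, "B"), (1200, "B")]
# Case 3: sender retries only after the 24 hour window has passed.
TOO_LATE = [(0, "A"), (MAX_RECONNECT + 1, "A")]

if __name__ == "__main__":
    for label, attempts in [("both at once", BOTH_AT_ONCE),
                            ("retry on backup", RETRY_ON_BACKUP),
                            ("too late", TOO_LATE)]:
        print(label, "shared:", simulate(True, attempts),
              "separate:", simulate(False, attempts))
```

Case 1 gives two 451 responses with either setup; case 2 is where a shared database saves one retry interval.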