[Mimedefang] Greylist TEMPFAILS being viewed as 5.x.x PERM fails?

[David F. Skoll]

On Wed, 28 Jan 2004, Cormack, Ken wrote:

> It seems that RFC brain-dead mailers are out there, that interpret a
> tempfail as if it were a 5.x.x permanent failure, and the failure is being
> handed back to the sending user's MUA.

No, what's going on is that the brain-dead senders receive 4xx for all their
RCPT commands.  They then issue a DATA command (in spite of the fact that
they MUST not issue DATA unless at least one RCPT succeeded) and Sendmail
correctly responds with a 5xx code.

I believe Novell Groupwise has this bug.  Old SLMail servers did too.

> A. "fought the good fight to prove you are not sending a 5.x.x series status
> code"... and won

Yes.

> B. Found something in your milter code or sendmail.cf that IS in fact,
> sending a 5.x.x when a triplet is greylisted

See above.

> C. had experience with any such brain-dead MTAs that misinterperet a 4.x.x
> code

Yes.

> D. Found a fix, short of whitelisting the problematic hosts

Yes.  With CanIt/CanIt-PRO, we can optionally delay greylisting until
the end of the DATA phase.  This wastes bandwidth, but does give most
of the benefits of greylisting without triggering problems on buggy
servers.

Regards,

David.