[Mimedefang] Re: Justifying greylisting to management

Yizhar Hurwitz yizhar at mail.com
Sun Feb 26 15:29:43 EST 2006 

HI.

I would like to share a specific issue that I had with greylisting at 
the sender side:

I manage several mail servers, most of them with MS Exchange 2003.
Some of the recipients that my customers send emails to, are using some 
sort of greylisting (I didn't check which method exactly).
One of the recipients domain is "technion.ac.il"
I have found that for some reason unknown yet, MS Exchange 2003 SP2 does 
not handle greylisting very well with default configuration,
and in some scenarios the outbound mail to such domains is simply frozen 
and not sent.
This could be due to timing issues or problems with specific greylisting 
method at the recipients side - I don't know the exact cause.
I have found some workarounds at my side (sender) and tweaks to prevent 
this.
However - the bottom line was the important emails (important for both 
sender and recipient) where delayed for more then 1 week, without any 
notification to sender nor recipient!
I haven't asked MS to solve it yet because it is a bit difficult to 
reproduce the problems and describe to them, but even if/when the issue 
will be solved,
it won't be automatically fixed on all similar systems.

So:
* Greylisting is a nice idea, but does not always work as planned.
* I assume that this is not a single specific issue but does/will 
probably affect customers in other similar scenarios.
* My point is that you should also take into account that greylisting 
might cause more severe problems and not only delays of few minutes,
and this should be added to the "cons" count against greylisting.
* You can say whatever you like or dislike about MS Exchange, but as we 
all know it is widely in use and non of us has control over other 
persons mail servers.
* You can say: "that's a problem of the sending server, not mine (the 
recipient side)".
I won't argue with that because I'm not sure what is the exact cause of 
such problems.
But your customers (end users and management) might argue about 
important emails lost or delayed for days.

Bottom line:
* It's your choice weather to implement greylisting or not.
I recommend avoiding it if applicable and if you can get reasonable spam filtering without it.
The issue I have described should be counted as one of the "cons" against it.

For Your Info.
Yizhar
http://yizhar.mvps.org

More information about the MIMEDefang mailing list