Johan Andersson wrote:
> I have been thinking about this way as well, although, the discussion
> around keeping a central database for all MTAs has me wondering...
> In the protocol, when a host is asked to retry later, i.e. gets the
> "451 4.7.1 Please try again later" response...
> Will the retry go to the same host or do a new MX/DNS lookup to
> resolve the mail address?
That's software-dependent, although most will do a new lookup.
> With six MTAs on round-robin, if it does a new lookup it could be a long
> time before it hits the same host again.
That's one of the reasons why you really need a central db if you have
multiple MX servers.
> With a central DB this is solved, but then we get a SPOF instead... :-/
> which must be handled by the GL software...
It is a single point of failure, yes, but no more so than if you only
had one MX server in the first place. If your reason for having multiple
MX servers is primarily load balancing, rather than to improve
resilience, then having a single greylisting db isn't a major issue. You
can always configure things so that the MX servers simply bypass
greylisting if the service is unavailable rather than defer or reject
mail. All that means, then, is that you'll get more spam if the
greylisting server is ever offline. But that's a temporary issue and, in
any case, is no worse than not having greylisting at all.
Mark
--
http://mark.goodge.co.uk - my pointless blog
http://www.good-stuff.co.uk - my less pointless stuff
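The two points made in this exchange (a retry that lands on a different MX after a fresh DNS lookup, and a central greylisting database that the MX servers bypass when it is unreachable) can be shown with a small simulation. This is an added example, not code from the thread or from any greylisting package; the triplet key, the 300-second delay, the six-host round-robin pool, the 600-second retry interval and the `StoreUnavailable` outage flag are all constructed for the illustration.

```python
# Greylisting simulation: per-host vs. shared state, and fail-open on outage.
# Added example; all values and names below are constructed, not from any real MTA.

DELAY = 300          # seconds a triplet must age before it is accepted (constructed)
TEMPFAIL = "451 4.7.1 Please try again later"
ACCEPT = "250 OK"


class StoreUnavailable(Exception):
    """Raised when the greylisting database cannot be reached."""


class GreylistStore:
    """In-memory stand-in for a greylisting database.

    Setting ``available = False`` simulates the central DB being offline.
    """

    def __init__(self):
        self.first_seen = {}     # triplet -> timestamp of first attempt
        self.available = True

    def get(self, triplet):
        if not self.available:
            raise StoreUnavailable()
        return self.first_seen.get(triplet)

    def put(self, triplet, ts):
        if not self.available:
            raise StoreUnavailable()
        self.first_seen[triplet] = ts


def greylist_decision(store, triplet, now, fail_open=True):
    """Return the SMTP reply an MX would give for (client_ip, sender, recipient).

    fail_open=True implements the bypass described in the thread: if the
    greylisting DB is unavailable, accept the mail rather than defer it.
    """
    try:
        seen = store.get(triplet)
        if seen is None:
            store.put(triplet, now)       # first sighting: record and defer
            return TEMPFAIL
        if now - seen < DELAY:            # retried too early: defer again
            return TEMPFAIL
        return ACCEPT                     # triplet has aged enough
    except StoreUnavailable:
        # Bypass greylisting during an outage (more spam, but mail still flows).
        return ACCEPT if fail_open else TEMPFAIL


def attempts_until_accepted(shared_store, mx_count=6, retry_interval=600):
    """Count delivery attempts until a legitimate sender is accepted.

    Each retry does a fresh MX lookup and round-robin lands on the next host,
    which is the scenario raised in the thread.
    """
    if shared_store:
        common = GreylistStore()
        stores = [common] * mx_count              # every MX sees the same DB
    else:
        stores = [GreylistStore() for _ in range(mx_count)]  # private state per MX

    triplet = ("198.51.100.7", "alice@example.org", "bob@example.net")  # constructed
    now = 0
    for attempt in range(1, 100):
        store = stores[(attempt - 1) % mx_count]  # round-robin MX selection
        if greylist_decision(store, triplet, now) == ACCEPT:
            return attempt
        now += retry_interval
    return -1


def response_during_outage(fail_open):
    """Reply given when the central greylisting DB is unreachable."""
    store = GreylistStore()
    store.available = False
    triplet = ("203.0.113.9", "x@example.org", "y@example.net")  # constructed
    return greylist_decision(store, triplet, 0, fail_open=fail_open)


if __name__ == "__main__":
    print("shared DB, attempts:", attempts_until_accepted(True))    # 2
    print("per-host DB, attempts:", attempts_until_accepted(False)) # 7
    print("outage, fail open:", response_during_outage(True))
    print("outage, fail closed:", response_during_outage(False))
```

With per-host state the sender is deferred once at each of the six hosts and is only accepted on the seventh attempt, when round-robin brings it back to the first MX; with a shared store it is accepted on the second attempt. The outage case shows the trade-off Mark describes: failing open keeps mail moving at the cost of temporarily unfiltered spam, while failing closed would defer everything until the DB returns.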