>> For what it's worth, I reconfigured my greylisting relay from a >> blanket delay to delaying only spamcop neighbors, anything that hits a >> DNSBL, and any Windows *desktop* (using p0f). >> >> The move reduced the fatal delay of 80-90% of my incoming mail down to >> 64%, which is pretty reasonable given the fact that the inconvenience > > > Some implementations, postgrey for example, keep a whitelist of servers > known to retry, so once a small number of mails (3 by default iirc) have > been successfully delivered from a given server (or servers in the same /24 > subnet), it is auto-whitelisted on the basis that there is little point > continually greylisting servers that you *know* will retry anyway. > > This approach works extremely well and after a few weeks normal usage very > few legitimate mails are delayed by greylisting.
I wrote a perl script that whitelists any servers from greylisting for 6 months that send a message that scores less then 1 by spamassassin. If it later sends a message that scores greater then 5 it is removed from the whitelist. Works great. After having a few months to learn almost no legitimate servers are greylisted. Matt
