I recently gave up on greylisting after using it for years as well. Two reasons really, one was the complaints from users (and I found that they often asked folks to "send mail to me twice" to try and get mail to "work better" and that was just embarrassing).
The second was that I've found that the other spam-catching filtering is doing a much better job than it was years ago and turning off greylisting didn't adversely affect the amount of spam that got through. -lee On 1/18/2011 5:41 PM, Warren Togami Jr. wrote: > On 01/18/2011 12:31 PM, David F. Skoll wrote: >> On Tue, 18 Jan 2011 22:18:20 +0000 >> Gary Forrest<ga...@netnorth.co.uk> wrote: >> >>> Interesting 2 of our 3 scanning heads use a grey list system that >>> uses /32 addresses as part of the process, these two servers have >>> 100's of emails delayed for well over a day. Our 3rd scanning head >>> uses a grey list system that is less granular /24 , this does not. >> >> Ah, I should mention that we use a /24 for greylisting for IPv4 and a >> /64 for IPv6. On the other hand, we also add a hash of the subject >> into the greylisting tuple so it becomes: > > I recently gave up entirely on greylisting after: > > * Last week I discovered /24 was not good enough for redelivery > attempts at one major ISP. All mail from that ISP was failing for the > past month except in rare cases where randomly the same /24 attempted > delivery within the time window. > > * Years of complaints of mail delivery delays or failures from my > users. They had began creating gmail accounts in order to bypass. > They kept running into too many cases of broken individual mail > servers (major companies!) who failed to redeliver. > > Users don't care about "so and so is violating RFC-XXX". They are > trying to get business done and it was simply causing too many problems. > > Warren
