Greylisting Configuration

MailCleaner Support
Added 12 months ago

Greylisting is a method of blocking spam, where The MTA temporarily fails incoming mail from an unknown sender to check whether the sender reattempts mail delivery.

Greylisting takes advantage of the fact that well-behaved sending systems tend to implement a retry-queue when they receive a tempfail. Whereas spammers tend to work in a "fire-and-forget" fashion and are hence not likely to reattempt mail delivery. The feature can save a large amount of resources especially during periods of dictionary attacks since it is one of the very first tests run.

MailCleaner keeps records of addresses that have passed the greylist for 60 days. If no other mail exchange occurs between this address and the recipient within this time period, the record expires and greylisting reapplies to that address.

The period within which a subsequent attempt must be made is configurable by the appliance administrator from:

Configuration -> SMTP -> Greylisting

A minimum delay of 0 means that the message will be processed if the sender tries again instantly.

Greylisting is a very common antispam feature and so some spammers will retry for a very short time. A longer delay requirement will result in fewer spams being processed, but a larger inconvenience to your users on the first occurance of them receiving an email from a new sender. A minimum delay period of of 60 to 300 seconds is usually preferred.

The field "Avoid greylisting for these domains" can also be used to add specific domains that customers would like ignored by greylisting. After adding a domain to this field, the Greylist daemon must be restarted in:

Monitoring -> Status

Greylisting can also be disabled altogether for all tenants on the machine by entering an asterisk into the list of domains to avoid. You can also selectively Enable/Disable this feature on a per-domain basis from the Filtering section of a domain's settings.