Greylisting ??? - ORF Forums

Greylisting ??? RSS Back to forum

1

Greylisting is a nice feature but larger organizations (Gmail for example) may send email from a large range of IPs.

There is a setting under greylisting "Accept Delivery Retries from the same /24 subnet"

If you turn that off - Does it mean the email can come from anywhere on the retry? Or does it mean it would have to come from the same IP?

I assume the latter - but wanted to make sure.

by steve.mills 4 years ago
2

@steve.mills: It is the latter:

If "Accept Delivery Retries from the same /24 subnet" is turned on, the second, re-attempted delivery is accepted from the same subnet. (E.g., first Greylisted attempt comes from 1.2.3.4, second comes from 1.2.3.5 --> email is allowed through).

If it is turned off, the re-attempt is accepted from the same IP only. (E.g., first Greylisted attempt comes from 1.2.3.4, second comes from 1.2.3.5 --> email is Greylisted again).

We recommend adding either the IP ranges* or domains of such larger organizations to the Greylisting Exceptions (Gmail, Yahoo, Windows Live / Outlook.com).

Gmail IP ranges: https://support.google.com/a/answer/60764?hl=en
Outlook.com IP ranges: https://mail.live.com/mail/ipspace.aspx

* As these may change quite frequently, excepting domain names might be a better approach, but may exclude spoofed emails some from Greylisting. Since the email will be subject to further tests (including the SPF test), this is usually not a problem.

by Krisztián Fekete (Vamsoft) 4 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2