Slightly OT: Greylisting another take

Scot L. Harris webid at cfl.rr.com
Fri Feb 18 18:48:12 UTC 2005


On Fri, 2005-02-18 at 10:46, Alexander Volovics wrote:
> On Fri, Feb 18, 2005 at 09:03:26AM -0500, Scot L. Harris wrote:

> > > My dynamic IP addresses are in this block which means I can't even send
> > > any mail to some mail servers and that I am greylisted by others
> > > (like RedHat). Look at the headers of my messages:
> > > X-RedHat-Blacklist-Warning & X-RedHat-Spam-Score.
>   
> > Greylisting is very different from blacklisting.  Greylisting simply
> > utilizes the standard RFC behavior for temporary failure codes to weed
> > out legit MTAs from bots.  Worst case is that your message will sit in
> > your MTA's queue for at least the amount of time that the recipient MTA
> > has you greylisted.  The remainder of the time your message is delayed
> > is based on your own MTA setup.
> > 
> > And after the first message goes through subsequent messages from the
> > same user and IP address won't be greylisted at all until that tuple
> > expires.  Most systems keep such data around for at least a week and
> > some set it for as much as 6 months.
> 
> OK. Thanks for the clear explanation. I did not quite understand the
> difference between blacklisting and greylisting.
> 
> But then, how did RedHat come to greylist (or blacklist) me?
> And why are both these terms mentioned in the mail comments and headers:
> "X-RedHat-Blacklist-Warning" and 
> "host mx3.redhat.com[66.187.233.32] said: 451 4.7.1 greylisted" 
> 

The X-RedHat-Blacklist-Warning has nothing to do with greylisting.  I
suspect that somehow you are bypassing your ISP's servers and sending
directly, and the address range you are on is in the dynamic block of IP
addresses which many ISPs block out of hand.

The second line above with 451 4.7.1 greylisted is the RedHat MTA
telling your MTA that the message you tried to send was greylisted.
That is normal for greylisting.  As soon as the time has expired and your
system retries the message it will go through.

> And even more to the point, how do I get off the RedHat (black)greylist?
> 

No real way to get off greylisting unless you can have the admins
whitelist your machine; however, that should not be required and they
most likely would say no anyway.  As to the blacklisting, you really
should make sure you are routing through your ISP's email servers.  That
will solve that problem.


> 
> Well I do not have a mail server on my PC but relay my email

Should double check this.  If you have sendmail or postfix running then
you do have an email server.  ;)

> through my ISP's SMTP server and I am quite certain there are quite
> a few imponderables where @home is concerned. I am fairly certain that
> it takes more than 30 minutes before 'mail.home.nl' finally gets around
> to dealing with this delay queue or whatever.
> 

I dealt with @home for a few years as a customer also.  They did manage
to get all of @home blacklisted a few times back then due to open relays
and customer machines spewing spam, either unintended or intentional.
Sounds like they never did learn from past mistakes.

Like I said previously, once the greylisting timeout has expired the
sending MTA is responsible for resending the message.  Depending on how
busy the MTA is and what method they use to schedule retries, it can take
much longer than the delay time used by greylisting.

> Thanks again for your reply and clear explanations.
> 

Anything to help.  :)

> Alexander
-- 
Scot L. Harris
webid at cfl.rr.com

Oh, I don't blame Congress.  If I had $600 billion at my disposal, I'd
be irresponsible, too.
		-- Lichty & Wagner 
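
Added example (not part of the original message, and not the code of any particular MTA or greylisting package): a small model of the greylisting decision described in the reply above, showing the temporary 451 reply, the retry after the delay, the pass for later mail on the same tuple, and the tuple's expiry. The tuple key (client IP, envelope sender, envelope recipient), the 5-minute delay, the 4-hour retry window, the 250 reply text and all names and addresses are assumptions; only the "451 4.7.1 greylisted" reply and the week-long retention come from the thread.

```python
from dataclasses import dataclass, field

DEFER = "451 4.7.1 greylisted"   # temporary failure: sender's MTA should queue and retry
ACCEPT = "250 2.1.5 Ok"          # assumed wording for the success reply

@dataclass
class Greylist:
    min_delay: int = 300             # assumed: seconds a new tuple must wait
    retry_window: int = 4 * 3600     # assumed: an unretried tuple is forgotten after this
    pass_lifetime: int = 7 * 86400   # a passed tuple is kept "at least a week"
    seen: dict = field(default_factory=dict)  # key -> (first_seen, passed_until)

    def check(self, client_ip, sender, recipient, now):
        """Return the reply to RCPT TO for this tuple at time `now` (seconds)."""
        key = (client_ip, sender.lower(), recipient.lower())
        entry = self.seen.get(key)
        if entry is not None:
            first_seen, passed_until = entry
            if passed_until is not None:
                if now <= passed_until:
                    # Known-good tuple: no delay; refresh its lifetime (assumed policy).
                    self.seen[key] = (first_seen, now + self.pass_lifetime)
                    return ACCEPT
            elif now - first_seen < self.min_delay:
                return DEFER          # retried too early; clock still runs from first_seen
            elif now - first_seen <= self.retry_window:
                self.seen[key] = (first_seen, now + self.pass_lifetime)
                return ACCEPT         # a real MTA came back after the delay
        # New, expired, or abandoned tuple: record it and defer.
        self.seen[key] = (now, None)
        return DEFER

def demo():
    """Replay a constructed delivery timeline and return the replies in order."""
    gl = Greylist()
    mta = ("192.0.2.10", "alice@example.org", "list@example.com")    # constructed
    bot = ("198.51.100.7", "promo@example.net", "list@example.com")  # constructed
    day = 86400
    return [
        gl.check(*mta, now=0),        # first attempt: deferred
        gl.check(*mta, now=60),       # retry after 1 minute: still deferred
        gl.check(*mta, now=1800),     # queue run after 30 minutes: accepted
        gl.check(*mta, now=day),      # next day, same tuple: accepted at once
        gl.check(*bot, now=day),      # sender that never retries: only ever deferred
        gl.check(*mta, now=9 * day),  # 8 days idle, tuple expired: deferred again
    ]

if __name__ == "__main__":
    for reply in demo():
        print(reply)
```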



