SQLGrey and Senders with Multiple IPs

General E.F.A. discussion
Post Reply
toddh
Posts: 33
Joined: 16 Feb 2015 18:52

SQLGrey and Senders with Multiple IPs

Post by toddh » 14 Aug 2018 18:00

We are seeing and increase in email delays due to Senders using multiple gateways/IP.

In addition some of these senders delay retries for up to 45 minutes or longer.

I am sure we can't be the only ones facing this issue where greylisting is delaying email for extended periods, and I am wondering how others are dealing with it.

Thanks,

Todd

User avatar
pdwalker
Posts: 1116
Joined: 18 Mar 2015 09:16

Re: SQLGrey and Senders with Multiple IPs

Post by pdwalker » 05 Sep 2018 03:57

Hi Todd,

How do you know your messages are being delayed by up to 45 minutes?

Mail2GoCa
Posts: 17
Joined: 10 Oct 2018 09:11

Re: SQLGrey and Senders with Multiple IPs

Post by Mail2GoCa » 10 Oct 2018 13:41

@toddh

I am noticing that also.

This especially happens with large anonymous email providers (Gmail, Yahoo, etc.) and large hosting companies (Bluehost, Godaddy, etc.).

However, as the grey list learns the gateway IPs most often used by each domain/address), it automatically adds the domains/addresses together with their associated known class C or Class D IP to the grey list's white list.

Once they are in the white list, they are no longer grey listed and move directly to the AntiSpam/Virus gateway without delay provided the email comes in on the same IP as is associated with the domain/address in the white list.

If the email comes in on an as yet to be whitelisted Domain/address & IP combination, then it is grey listed and delayed. As such it is important to leave orphaned greylist items in the greylist. They are automatically purged after 24 hours.

Also, do not delete any whitelisted domain/IP or Address/IP combinations unless you know they are potential spam sources or abused networks. If you are sure they are spam sources or abused networks, you may add the domain/address to the OptIn lists. If you never want certain domains/addresses to be grey listed, you may add them to the OptOut lists. The OptOut lists take precedence over the OptIn lists.

last but not least, for clarity's sake, where I mention whitelists, I am referring to the domain whitelist and the address whitelist in the grey list module and not the one in the Anti-Spam/Virus module.

I hope this helps.

Cheers :ugeek:
Last edited by Mail2GoCa on 13 Oct 2018 07:09, edited 4 times in total.

Mail2GoCa
Posts: 17
Joined: 10 Oct 2018 09:11

Re: SQLGrey and Senders with Multiple IPs

Post by Mail2GoCa » 10 Oct 2018 13:48

@pdwalker

The delay time is listed in the header of the email.

Looks like this...
X-Greylist: delayed 00:06:41 by SQLgrey-1.8.0

Cheers :ugeek:

User avatar
pdwalker
Posts: 1116
Joined: 18 Mar 2015 09:16

Re: SQLGrey and Senders with Multiple IPs

Post by pdwalker » 12 Oct 2018 04:00

Huh. I never noticed that header before. I’ll have a look for it on my system and see what I’m averaging.

Currently, I don’t notice any delays because my system has been running for a while and it knows the common senders.

I did notice it in the beginning when the system didn’t.

How long has your system been running? Maybe it just needs more time to learn

User avatar
pdwalker
Posts: 1116
Joined: 18 Mar 2015 09:16

Re: SQLGrey and Senders with Multiple IPs

Post by pdwalker » 12 Oct 2018 09:24

Yeah, so here is how it looks on my system

Code: Select all

[root@efa MailScanner]# grep -r "X-Greylist: whitelisted" * | wc -l
36543
[root@efa MailScanner]# grep -r "X-Greylist: delayed" * | wc -l
35
That's roughly a little less than 0.1% of all mail received in the last 60 days got greylisted, delayed and then delivered. That's not very many. Most mail is recognized and let through, as expected.

Of those 35 messages, the delay time ranged from about 5, 10, 15, 30ish minutes to as long as 3, 11, 12.5 hours (3 messages only). I'd say that's not so bad.

Now I could check my logs and count out the total number of messages greylisted and see how many didn't return, and since that's quick, I did. Over the last 30 days, I only had about 150 messages subjected to greylisting, of which most didn't come back.

So, all in all I'd say that the greylisting is working as designed on my system. Yes, new senders will get a delay, and new senders with lots of gateways could potentially suffer several delays, but give it time and things will get better.

I'd rather have delays if incoming mail rather than more junk.

Mail2GoCa
Posts: 17
Joined: 10 Oct 2018 09:11

Re: SQLGrey and Senders with Multiple IPs

Post by Mail2GoCa » 13 Oct 2018 07:10

I'm with you on that one pdwalker.
Better more delays than more junk.

User avatar
shawniverson
Posts: 2605
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: SQLGrey and Senders with Multiple IPs

Post by shawniverson » 14 Oct 2018 23:53

New feature on v4 I am working on...

postscreen

yeah, postscreen. postscreen baby 8-) :ugeek: :violin:
Version 3.0.2.6 released! Update now to keep your eFa secure!

Post Reply