Greylisting problem? (4.3 246)

Use this forum if you want to discuss a problem or ask a question related to a hMailServer beta release.
Post Reply
xarcson
New user
New user
Posts: 2
Joined: 2006-11-15 21:05

Greylisting problem? (4.3 246)

Post by xarcson » 2006-11-15 21:19

hey guys

For a few months I'm fascinated of hMailserver. I'm running a webhosting server and hMailserver as mailserver. Last sunday i installed the newest version (4.3 beta 246). The greylisting feature is very handy! I love it. I receive as few spam mails as never before.

Unfortunately I have the suspicion that's something wrong with the greylisting or another anti-spam feature. Customers told me that since sunday evening they don't receive any emails anymore and that's bad. I think it could be also a configuration fault of me.

I watched the logfiles and I've seen a mail which another mailserver tried to send a few times and after a few times I don't see the "please try again"-message anymore. Instead I see: SENT: 250 Queued (0.063 seconds)
Sounds good,...but the message never showed up in my inbox and that's about 12h ago.

Could it be that this message was flagged as spam after the greylisting check and then deleted? It was a test-mail of mine, i sent it from another server.

I turned off the greylisting protection now, but I'd love to bring it back, spam is already getting on my nerves again.

greetings,
fabian

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2006-11-15 21:22

No, if a message is queued, it won't be deleted due to grey listing.

Hard to say why that specific message was blocked. Don't they receive any email, or is it some mail they don't receive? Do you receive any email? And do you have the SMTP/Application log enabled?

xarcson
New user
New user
Posts: 2
Joined: 2006-11-15 21:05

Post by xarcson » 2006-11-16 08:25

hm...today one costumer sent me a mail and said the redirection won't work. Because of that i think it's not a problem with greylisting. I think the only problem with greylisting was that google and other big companies have more than one smtp server and everytime they try the second or third time it's from another ip. So I have to define them in the whitelist...

The redirection is done by rules, it's an artefact of the old version. I haven't changed it yet...should I?

I've SMTP and application log enabled, could i sent you the file? I found out it occurs only with specific mail servers.

bazporter
Normal user
Normal user
Posts: 98
Joined: 2005-06-03 16:14

Post by bazporter » 2006-11-16 10:10

There are a whole lot of servers that handle grey listing very badly. Doing a Google search turns up a lot of different entries:

Code: Select all

207.171.168.*	Amazon.com (common pool)
207.171.180.*	Amazon.com (common pool)
207.171.187.*	Amazon.com (common pool)
207.171.188.*	Amazon.com (common pool)
207.171.190.*	Amazon.com (common pool)
204.107.120.*	Ameritrade (no retry)
204.107.120.10	Ameritrade (no retry)
205.188.139.136	AOL Outgoing Mail Server
205.188.139.137	AOL Outgoing Mail Server
205.188.144.207	AOL Outgoing Mail Server
205.188.144.208	AOL Outgoing Mail Server
205.188.156.66	AOL Outgoing Mail Server
205.188.157.33	AOL Outgoing Mail Server
205.188.157.34	AOL Outgoing Mail Server
205.188.157.35	AOL Outgoing Mail Server
205.188.157.36	AOL Outgoing Mail Server
205.188.157.37	AOL Outgoing Mail Server
205.188.157.38	AOL Outgoing Mail Server
205.188.157.39	AOL Outgoing Mail Server
205.188.157.40	AOL Outgoing Mail Server
205.188.157.41	AOL Outgoing Mail Server
205.188.157.42	AOL Outgoing Mail Server
205.188.159.7	AOL Outgoing Mail Server
64.12.137.1	AOL Outgoing Mail Server
64.12.137.11	AOL Outgoing Mail Server
64.12.137.2	AOL Outgoing Mail Server
64.12.137.3	AOL Outgoing Mail Server
64.12.137.4	AOL Outgoing Mail Server
64.12.137.5	AOL Outgoing Mail Server
64.12.137.6	AOL Outgoing Mail Server
64.12.137.7	AOL Outgoing Mail Server
64.12.137.8	AOL Outgoing Mail Server
64.12.137.9	AOL Outgoing Mail Server
64.12.138.201	AOL Outgoing Mail Server
64.12.138.202	AOL Outgoing Mail Server
64.12.138.203	AOL Outgoing Mail Server
64.12.138.204	AOL Outgoing Mail Server
64.12.138.206	AOL Outgoing Mail Server
64.12.138.207	AOL Outgoing Mail Server
64.12.138.208	AOL Outgoing Mail Server
66.100.210.82	"appscorp.net, Groupwise?"
217.158.50.178	AXKit mailing list (unique sender per attempt)
65.82.241.160	"BellSouth.net, Groupwise?"
64.125.132.254	collab.net (unique sender per attempt)
64.125.133.202	collab.net (unique sender per attempt)
68.15.115.88	"cox.com, Groupwise?"
216.157.204.5	"crt.net, Groupwise?"
127.0.0.1	"Private network (Don't delay)"
192.168.1.*	"Private network (Don't delay)"
66.135.197.*	Ebay (common pool)
66.135.209.*	Ebay (for time critical alerts)
216.239.32.*	"gmail.com (common server pool, bad 451 handling?)"
216.239.56.*	"gmail.com (common server pool, bad 451 handling?)"
64.233.162.*	"gmail.com (common server pool, bad 451 handling?)"
64.233.170.*	"gmail.com (common server pool, bad 451 handling?)"
64.233.182.*	"gmail.com (common server pool, bad 451 handling?)"
64.233.184.*	"gmail.com (common server pool, bad 451 handling?)"
66.249.82.*	"gmail.com (common server pool, bad 451 handling?)"
72.14.204.*	"gmail.com (common server pool, bad 451 handling?)"
204.60.8.162	"greywolftech.com, Groupwise?"
12.107.209.244	"kernel.org mailing lists (high traffic, unique sender per mail)"
12.107.209.244	"kernel.org mailing lists (high traffic, unique sender per mail)"
66.27.51.218	ljbtc.com (Groupwise)
64.124.204.39	moveon.org (unique sender per attempt)
84.45.71.76	MyFujiMail server (bad 451 handling)
213.136.52.31	Mysql.com (unique sender)
211.29.132.*	optusnet.com.au (wierd retry pattern and more than 48hrs)
66.206.22.82	PLEXOR
66.206.22.83	PLEXOR
66.206.22.84	PLEXOR
66.206.22.85	PLEXOR
207.115.63.*	Prodigy (broken software that retries continually with no delay)
205.206.231.*	SecurityFocus.com (unique sender per attempt)
205.211.164.50	sentex.ca (common pool)
64.7.153.18	sentex.ca (common pool)
195.238.2.105	"skynet.be (wierd retry pattern, common pool)"
195.238.2.124	"skynet.be (wierd retry pattern, common pool)"
195.238.3.12	"skynet.be (wierd retry pattern, common pool)"
195.238.3.13	"skynet.be (wierd retry pattern, common pool)"
63.82.37.110	SLmail
209.132.176.174	"sourceware.org mailing lists (high traffic, unique sender per mail)"
12.5.136.141	"Southwest Airlines (unique sender, no retry)"
12.5.136.142	"Southwest Airlines (unique sender, no retry)"
12.5.136.143	"Southwest Airlines (unique sender, no retry)"
12.5.136.144	"Southwest Airlines (unique sender, no retry)"
63.169.44.143	"Southwest Airlines (unique sender, no retry)"
63.169.44.144	"Southwest Airlines (unique sender, no retry)"
209.104.63.*	Ticketmaster (poor retry config)
195.235.39.19	Tid InfoMail Exchanger v2.20
66.162.216.166	"twtelecom.net, Groupwise?"
66.89.73.101	"xo.com, Groupwise?"
66.163.187.*	"Yahoo Groups servers (common pool, no retry)"
66.218.66.*	"Yahoo Groups servers (common pool, no retry)"
66.218.67.*	"Yahoo Groups servers (common pool, no retry)"
66.218.69.*	"Yahoo Groups servers (common pool, no retry)"
66.94.237.*	"Yahoo Groups servers (common pool, no retry)"
216.136.226.*	"Yahoo Mail servers (common pool, no retry)"
216.155.201.64	"Yahoo Mail servers (common pool, no retry)"
216.155.201.65	"Yahoo Mail servers (common pool, no retry)"
Adding this lot to the Greylist whitelist seems to have resolved all my issues with specicifc sites. Maybe these should be added as default entries for the standard hMailServer build?

I also added the ones for DynDNS's mail servers as I use their Backup MX service too:

Code: Select all

204.13.249.91	mx2-chi1.mailhop.org - DynDNS Backup MX Relay (Don't delay)
204.13.249.92	mx2-chi2.mailhop.org - DynDNS Backup MX Relay (Don't delay)
204.13.250.91	mx2-sjc1.mailhop.org - DynDNS Backup MX Relay (Don't delay)
204.13.250.92	mx2-sjc2.mailhop.org - DynDNS Backup MX Relay (Don't delay)
63.170.10.91	mx2-iad1.mailhop.org - DynDNS Backup MX Relay (Don't delay)
63.170.10.92	mx2-iad2.mailhop.org - DynDNS Backup MX Relay (Don't delay)
--
Regards
Barry

gbuktenica
New user
New user
Posts: 14
Joined: 2006-10-16 08:58
Contact:

Post by gbuktenica » 2006-11-16 10:34

You should always whitelist your MX secondaries. It would be better to create IP ranges for your secondaries and untick the Spam protection as they affect things like SPF checking.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2006-11-16 10:45

Thankyou bazporter. I will add that list to my servers asap as I am starting to have these issues with greylisting (Especially with yahoo)

Thanks for sharing your findings and I also think it would be a good idea to have most of these ip's pre-added to the whitelist on install.

bazporter
Normal user
Normal user
Posts: 98
Joined: 2005-06-03 16:14

Post by bazporter » 2006-11-16 10:53

gbuktenica wrote:You should always whitelist your MX secondaries. It would be better to create IP ranges for your secondaries and untick the Spam protection as they affect things like SPF checking.
Thanks for the advice gbuktenica. Added now.
^DooM^ wrote:Thankyou bazporter. I will add that list to my servers asap as I am starting to have these issues with greylisting (Especially with yahoo)

Thanks for sharing your findings and I also think it would be a good idea to have most of these ip's pre-added to the whitelist on install.
No problem.

Post Reply