Resolved grey list blocks inbound mails

[fabieng]

Hello

I activated the greylist function, but it seems that this is blocking inbound mails :

May 28 11:19:06 vps...... postfix/smtpd[17865]: 776F2A33: milter-reject: DATA from 14.mo4.mail-out.ovh.net[46.105.40.29]: 451 4.7.1 Service unavailable - try again later; from=<........> to=<........> proto=ESMTP helo=<14.mo4.mail-out.ovh.net>
May 28 11:27:38 vps...... postfix/smtpd[18833]: 499CBA33: milter-reject: DATA from 3.mo4.mail-out.ovh.net[46.105.57.129]: 451 4.7.1 Service unavailable - try again later; from=<........> to=<........> proto=ESMTP helo=<3.mo4.mail-out.ovh.net>
May 28 11:34:25 vps...... postfix/smtpd[26905]: 21D8F92E: milter-reject: DATA from a56-245.smtp-out.eu-west-1.amazonses.com[54.240.56.245]: 451 4.7.1 Service unavailable - try again later; from=<........> to=<........> proto=ESMTP helo=<a56-245.smtp-out.eu-west-1.amazonses.com>

it seems to be a known issue, but I couldn't find any concrete solution. Did I miss somehitng or basically the greylist function is not working with plesk onyx ?

thx.

 

[Monty]

Greylisting works with Plesk Onyx, we use it here too.

But what you see in your logs are 3 different mails (3 different sending IP addresses and probably also 3 different sender/recipient pairs, but you redacted them so I can't tell for sure). So the first connection is rejected with a 4xx SMTP code ("try later") and when the same triplet (IP, sender, recipient) connects again after some time the mail will pass and the IP will be added to the temporary whitelist to prevent future delays.

Have a look here to understand how Greylisting works: How to configure Greylisting?
Also see: Greylisting - Wikipedia

 

[ChristophRo]

Blocking inbound mails (on the first delivery attempt) is the purpose of Greylisting and there is nothing wrong with it or it's implementation in Plesk (Onyx)

That said, I cannot recommend using Greylisting anymore, due to the fact that more and more mail hosters start to use a plethora of outbound mail servers to distribute emails. (they do that mostly to work around blacklisting of their own servers)
That can and will cause massive delays (up to not delivered emails) for incoming messages, if you use a system like Greylisting, due to never receiving the same message from the same sending server.

Well of course, you can always Whitelist these "server farms" of such mail hosters in the greylisting filter of Plesk (a couple are already predefined there....Office365, Gmail, and more I think) but in the end I don't think it's worth the time and hassle.

 

[fabieng]

yes sorry, log was not full. I can confirm you that the 2 first are same mail, and has been refused 3 times :

May 28 11:19:06 vpsxxxxxx postfix/smtpd[17865]: 776F2A33: milter-reject: DATA from 14.mo4.mail-out.ovh.net[46.105.40.29]: 451 4.7.1 Service unavailable - try again later; from=<....@...> to=<....@...> proto=ESMTP helo=<14.mo4.mail-out.ovh.net>
May 28 11:27:38 vpsxxxxxx postfix/smtpd[18833]: 499CBA33: milter-reject: DATA from 3.mo4.mail-out.ovh.net[46.105.57.129]: 451 4.7.1 Service unavailable - try again later; from=<....@...> to=<....@...> proto=ESMTP helo=<3.mo4.mail-out.ovh.net>
May 28 11:37:35 vpsxxxxxx postfix/smtpd[26959]: 682E992E: milter-reject: DATA from 12.mo4.mail-out.ovh.net[178.33.104.253]: 451 4.7.1 Service unavailable - try again later; from=<....@...> to=<....@...> proto=ESMTP helo=<12.mo4.mail-out.ovh.net>

here is greylist config
Grey listing checking disabled
Grey interval 5 minutes
Expire interval 51840 minutes
Penalty interval 2 minutes
Penalty disabled
Personal grey listing
configuration allowed


>>> this mail should not have been refused on 2nd and 3rd time.

I can see this as well :

May 28 11:37:35 vpsxxxxxx postfix/smtpd[26959]: connect from 12.mo4.mail-out.ovh.net[178.33.104.253]
May 28 11:37:35 vpsxxxxxx postfix/smtpd[26959]: 682E992E: client=12.mo4.mail-out.ovh.net[178.33.104.253]
May 28 11:37:35 vpsxxxxxx greylisting filter[27055]: Starting greylisting filter...
May 28 11:37:35 vpsxxxxxx /usr/lib/plesk-9.0/psa-pc-remote[21040]: handlers_stderr: DEFER
May 28 11:37:35 vpsxxxxxx /usr/lib/plesk-9.0/psa-pc-remote[21040]: DEFER during call 'grey' handler
May 28 11:37:35 vpsxxxxxx /usr/lib/plesk-9.0/psa-pc-remote[21040]: Message aborted.
May 28 11:37:35 vpsxxxxxx postfix/smtpd[26959]: 682E992E: milter-reject: DATA from 12.mo4.mail-out.ovh.net[178.33.104.253]: 451 4.7.1 Service unavailable - try
again later; from=<....@...> to=<....@...> proto=ESMTP helo=<12.mo4.mail-out.ovh.net>
May 28 11:37:35 vps686592 postfix/smtpd[26959]: disconnect from 12.mo4.mail-out.ovh.net[178.33.104.253]


>> handlers_stderr: DEFER

 

[fabieng]

(I disabled greylisting as it is blocking inbound mails)

 

[ChristophRo]

From the perspective of your server it's not the same message, because it received it from three different mailservers:

- 14.mo4.mail-out.ovh.net
- 3.mo4.mail-out.ovh.net
- 12.mo4.mail-out.ovh.net

 

[fabieng]

yes this is what I saw copying the logs this means that untill all the IP from a mx senders will be registred, mails will be delayed this can be an issue in delivering mails. thx for your help.

 

[MarkM]

Well of course, you can always Whitelist these "server farms" of such mail hosters in the greylisting filter of Plesk (a couple are already predefined there....Office365, Gmail, and more I think) but in the end I don't think it's worth the time and hassle.

And now that you whitelist these farms, your filtering is absolutely useless. Greylisting should really just die already.