[AusNOG] Greylisting in an ISP / Hosting Environment

Nicholas_Maesepp at scee.net Nicholas_Maesepp at scee.net
Mon Apr 27 11:45:42 EST 2009 

Hi

 First time poster, short term lurker. So go easy on me If I do wrong.

Company I work for send a variety of mail to Australian users typically 
with ISP email accounts which usually take the form of a support email for 
a problem or a product with us for repair. Sometimes this comes from a do 
not reply address with information to let them know the status of their 
support issue, obviously not meant for two way communication. This can 
cause issues for us if a customer is expecting an email (confirmation or 
status update) after talking to a support line personnel and deciding to 
call back if he has not received it in what he expects to be a reasonable 
response time, incurring extra costs for us. 

I have also run into issues with Sender Verification with my do not reply 
bounce email that I have to whitelist the ISP and then blackhole the 
email, which is not what I ideally like. But that is beside the point.

That said, I like greylisting and support it. The problem I have is with 
communicating with the greylister, I would like an easy way to deal with 
external companies about getting on their whitelists. Even if that 
requires a bunch of documents to verify who I am, company, list of sending 
MX's etc. Whitelisting between general business isn't as hard, it's 
generally the ISP's (larger worse) that I find the hardest as there are so 
many support people to get through before you can find someone that 
actually knows about the mail filtering, typically the only recourse ends 
with sending an email to postmaster@ or hostmaster@ and hope it is 
actually monitored.

It is as simple as a section on a contact us page on a website, 
surprisingly most don't have it. Most people who maintain a mailserver can 
easily tell when they have been greylisted, assuming the greylister has an 
informative temporary rejection message - I know some even put in a URL. I 
think all legitimate senders would be willing to spend a fraction of their 
time to verify themselves properly with externals and for a reasonable 
period of time if this info was easily accessible. Especially if in the 
long run it can reduce our support costs / calls as I'm sure it would do 
for the greylister as well. 

Cheers

Nick





From:
Nick Brown <nick at inticon.net.au>
To:
"ausnog at ausnog.net" <ausnog at ausnog.net>
Date:
27/04/2009 10:48 AM
Subject:
[AusNOG] Greylisting in an ISP / Hosting Environment
Sent by:
ausnog-bounces at lists.ausnog.net



Morning All,

I know this is somewhat off topic for the list, but I'm sure the 
collective mind here will be knowledgeable in the issue none the less.

Our MX gateways have been performing greylisting on all inbound 
connections for the last year or so. This has resulted in a huge 
reduction of spam, when completed after a number of RBL + sender 
behavior policies. Customers for the most part don't seem to notice any 
delay however the odd issue pops up - especially over the last week 
(After our Greylisting whitelist - automatically populated, was purged 
by accident) where we have numerous complaints about email taking hours 
to come in.

Somewhat surprisingly one of the most frequent complaints is where the 
sender is Bigpond, with a typical delay of 1-2 hours.

I'm wanting to get a general feel for the industries views on 
Greyisting, specifically as for the most part the people on this list 
are the ones who are infact trying to send us legitimate email. Is the 
consensus to try and build a well populated whitelist of known networks, 
or are we better to drop Greylisting - incur significant extra load on 
the gateways, and have to spend the extra time trying to fine tune the 
heuristics of our applications.

And before the Ironport brigade comes galloping in, trust me - if the 
budget was there, we would be racking them up already :-)

Cheers.
Nick.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


**********************************************************************
This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. 
If you have received this email in error please notify postmaster at scee.net
This footnote also confirms that this email message has been checked for 
all known viruses.
Sony Computer Entertainment Australia Pty. Limited
Registered Office: Level 1, 63-73 Ann Street, Surry Hills, NSW 2010 
Australia
Registered in Australia: 077 583 183
**********************************************************************
P Please consider the environment before printing this e-mail

More information about the AusNOG mailing list