[colug-432] Recent change in retry behavior from large e-mail sites, affecting greylisting?

William Yang wyang at gcfn.net
Wed Jan 12 08:53:54 EST 2011 

I have changed reverse DNS and changed the A of an MX record in the past
3 months, and did a conversion of an exposed mail handler, moving it
behind a NAT firewall.  However, I've looked closely at those changes
and these issues do not seem to coincide with this.  It seems to have
started the week of Christmas.

I have seen several bounce notifications, and no, they are the typical
"hide all useful information from the ill-informed user" style you get
from consumer mail services.  I can track the initial connections back
in my logs and see the 451 4.7.1 greylist rejection but, again, no
corresopnding tuple re-use, and there's not even sender/recipient pair
reuse within 24 hours in most cases.  This is primarily affecting
infrequent communications between known correspondents.

	-Bill

On Wed, 2011-01-12 at 07:54 -0500, Angelo McComis wrote:
> Speculation only here - - but perhaps a lot of the majors
> (Yahoo/Google/MSN/AOL/etc) are doing "different" things in the wake of
> near exhaustion of IPv4 numbering, using more resources in "the
> cloud," or with resources being cramped, they simply don't bother to
> come back.  The latter-most being non-RFC-compliant, as a 4xx error
> message is not to be considered a perm fail, unlike a 5xx error.  
> 
> Do the people who mail you ever share the error/bounce message back to
> you? Does it have any clues?
> 
> I watch several lists where mail, spam, and trends like you mention
> would light those other lists up like a Christmas Tree, yet there are
> no blow ups on the other lists right now. Taking a current picture,
> the recent discussions around anything close to this is an overall
> decreased in blocked messages (indicating a smaller % of spam:legit
> email) because of a pretty major spammer takedown a month or so ago.
> 
> Are you seeing any failures from unknown IPs later on? Has anything on
> your side changed, such as your reverse DNS, MX records, etc? 
> 
> --Angelo
> 
> On Wed, Jan 12, 2011 at 6:47 AM, William Yang <wyang at gcfn.net> wrote:
>         Hey all-
>         
>         I've got only anecdotal evidence at this point, but I'm
>         wondering if
>         anyone else has noticed any changes in retry behavior at some
>         of the major mail
>         providers including Hotmail/MSN and Yahoo.  My greylist
>         implementation
>         is unchanged, but I've recently been getting out-of-band
>         questions from
>         friends and family about why they can't reach people at my
>         mail servers.
>         
>         Logs show the initial greylisting reject (451 4.7.1 [error
>         message]) and
>         no retries.  The retry just never seems to come.  I've already
>         got a
>         substantial list of whitelisted senders because of known
>         problems in how
>         they retry, and I've checked to see if it required any updates
>         both
>         against the puremagic site and the milter-greylist
>         distributions.  And,
>         again, this is a change in behavior just over the past few
>         weeks.
>         
>         Has anyone else observed this sort of behavior?
>         
>                -Bill
>         --
>         William Yang
>         wyang at gcfn.net
>         
>         
>         _______________________________________________
>         colug-432 mailing list
>         colug-432 at colug.net
>         http://lists.colug.net/mailman/listinfo/colug-432
> 
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432

-- 
William Yang
wyang at gcfn.net

More information about the colug-432 mailing list