Yesterday it was blocking emails from even though I have it in the exclusion list and whitelisted. It blocks about 99% of legitimate emails whenever someone resets a password somewhere, a verification email, etc. I've about reached my patience limit on GFI and the greylist. I have tried to check what the settings are in the registry but the GFI does not even exist in the following key: HKEY_LOCAL_MACHINE\SOFTWARE\GFI In which case 15minutes is quite long for my liking. I thought this because the default time of 15mins is pretty long.įrom what you are saying I now understand that the if the message is re-sent before the BlockPeriod expires, the email will be rejected once again. I figured the receiving server required a response within that period or else it would block the sender indefinitely. I believe I had misinterpreted what the blockperiod actually did. This would be serious for quite a few users.Īccording to this it is 15 minutes: Opens a new window In this case every greylisted genuine email would be looking at a minimum twenty minute delay. I have never changed this though.ġ5 minutes seems very long, are you sure that's their default? I think most mailservers retry after 5 minutes the first time and then it gets longer each retry. I'm thinking perhaps the "block period" is not set correctly? According to GFI documentation the default should be 15mins. which would have a barrage of different IP addresses so I do not think the IP part of the "triplet" is different each time.
The sender address is not a massive company i.e. reset passwords) get blocked as a false positive as they are generated by bots, however, situations like today I can see multiple attempts within 15 minutes of each other. I can understand when automated emails (i.e. If the sending mail server attempts to send again - within the correct timeframe - the receive server will see that it matches the first converstion triplet and push it through. I understand how greylisting works whereby if the receiving mail server receives an new "triplet" conversation it will send a temporary rejection email. Adding the domain to the exceptions will solve this, When checking the logs I could see the email was being caught by the greylist, however, there were multiple attempts from the same sender with a few minutes of each other but kept being blocked by the greylist. Today, a user reported they were not receiving an email from a particular sender. I've come across a few situations which do not match the behaviour I expect from the greylist. I'm just trying to understand what is happening with GFI's greylist.
0 kommentar(er)
