Greylisting and Office 365

[abzsol]

Hi guys,

I've seen that lots of mails that come from *.protection.outlook.com stay in greylisting.
How can I solve this problem?

Thanks

 

[Stoiko Ivanov]

large mailproviders (outlook.com definitely belongs to them) use quite a large number of ip-addresses and networks for sending mails out.
greylisting works by saving the tripel of <sender-ip-net, senderaddress, recipientaddress> and deferring delivery on the first attempt of that tripel.
sender-ip-net is the /24 of the ip that sent the e-mail (e.g. for 192.168.1.1 it saves 192.168.1.0/24).

In the case of large mailproviders greylisting might not be the best choice.
You can:
* disable it globally (and accept that more spam might come through)
* whitelist domains which send mails via *.protection.outlook.com in the MailProxy-Whitelist
* whitelist all ip-networks for *.protection.outlook.com (however those do change and you'd need to keep the list up to date)

I hope this helps!

 

[abzsol]

large mailproviders (outlook.com definitely belongs to them) use quite a large number of ip-addresses and networks for sending mails out.
greylisting works by saving the tripel of <sender-ip-net, senderaddress, recipientaddress> and deferring delivery on the first attempt of that tripel.
sender-ip-net is the /24 of the ip that sent the e-mail (e.g. for 192.168.1.1 it saves 192.168.1.0/24).

In the case of large mailproviders greylisting might not be the best choice.
You can:
* disable it globally (and accept that more spam might come through)
* whitelist domains which send mails via *.protection.outlook.com in the MailProxy-Whitelist
* whitelist all ip-networks for *.protection.outlook.com (however those do change and you'd need to keep the list up to date)

I hope this helps!

Hi @Stoiko Ivanov
I've whitelisted this list of IPs, that's the only way to whitelist (your second choice doesn't work )

 

[Stoiko Ivanov]

I've whitelisted this list of IPs, that's the only way to whitelist (your second choice doesn't work )

hmm - could you post the logs for those cases?
Thanks

but glad your workaround works!

 

[KatyComputer]

Postwhite may be the solution to this and the rDNS issue. O365 servers frequently fail to have valid rDNS records, I would like to enforce this requirement, but cannot do so until I do something about white-listing Office 365 servers.

 

[heutger]

Don't use greylisting, it's a users nightmare (delay) and results are much less profitable any more since a decade ago. rspamd has a great greylisting implementation, which greylists only mails which hit a special spam score (given probability), so maybe in between more blacklists add potential spam and potential non-spam will get through then, but probability non-spam gets through directly.

 

[DerDanilo]

Don't use greylisting, it's a users nightmare (delay) and results are much less profitable any more since a decade ago. rspamd has a great greylisting implementation, which greylists only mails which hit a special spam score (given probability), so maybe in between more blacklists add potential spam and potential non-spam will get through then, but probability non-spam gets through directly.

Big providers don't care about common sense, they do what they want. Hence we need to somehow work with that.

Is this implemented by PMG? If not it would be awesome if this could be added to make the use of greylisting work again. Currently it just blocks simple mail that are time critical and are only send once by mail servers.

 

[heutger]

Big providers don't care about common sense, they do what they want. Hence we need to somehow work with that.

Is this implemented by PMG? If not it would be awesome if this could be added to make the use of greylisting work again. Currently it just blocks simple mail that are time critical and are only send once by mail servers.

Currently this feature request has been rejected. Maybe you can ask again or vote on Bugtracker.