I have a FortiMail with Greylisting turned on. The idea is that only after a valid SMTP retry, an email will get released.
However, it appears that for a large email provider like outlook.com, that SMTP retries arrive from different IP addresses, which completely defeats Greylisting.
Does RFC 2821 specify that SMTP retried MUST come from the same IP address? If not, I don’t see how Greylisting can work.
The RFCs don’t really say anything about what IP address a sender might use.
You can leave greylisting on in this scenario if you can tolerate lengthy delays in mail receipt.
I run greylisting with 300 seconds and this is sufficient for virtually every email provider, including O365. While they often do resend from a different address, for any given message the pool of IPs they use is rather small, and the message does eventually arrive. After that it’s not a problem.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.