Mail Security Greylisting

Discussion in 'Other ESET Business Products' started by Fuze, Feb 28, 2013.

Thread Status:
Not open for further replies.
  1. Fuze

    Fuze Registered Member

    Joined:
    Feb 28, 2013
    Posts:
    2
    Location:
    England
    Hi Guys,

    I've installed Mail Security 4.3.1 on our Exchange 2010 Windows 2008 R2 Server. For the past couple of days i've been making configuration changes and noting the effects.

    It appears that when Greylisting is activated it does a fine job of rejecting all of the spam mails that are never resent once bounced. However, there are a number of emails that are resent, passing through the greylisting filter, then apparently not being filtered by anything else.

    I've tried adding domains to the global blacklist but it appears that if they pass the greylisting, they are considered quality emails and the blacklist is bypassed.

    These are not your typical viagra emails, more spammy mailing lists that send out emails for legitimate products and services and the emails are resent if they bounce once.

    It seems that the alternative is to disable greylisting (which would be a shame, as it does do a great job) then use the blacklists - surely it shouldnt be a case of using one or the other?

    Is the above behavior by design? Or should emails be checked by the other filters once they have passed through greylisting?

    Any ideas greatly appreciated!
     
  2. DrewD

    DrewD Eset Staff Account

    Joined:
    Feb 19, 2010
    Posts:
    88
    Greylisting filtering is performed first:

    In the scanning sequence, the first technique used is greylisting - if it is enabled. Consequent procedures will always execute the following techniques: protection based on user-defined rules, followed by an antivirus scan and, lastly, an antispam scan.

    The following lists are also respected by ESET Mail Security:

    When evaluating the message source, the method takes into account the configurations of the Approved IP addresses list, the Ignored IP addresses list, the Safe Senders and Allow IP lists on the Exchange server and the AntispamBypass settings for the recipient mailbox.

    * You can try adding the email addresses/domains to the BlockedSenders file:

    Further options for blacklisting/whitelisting are offered by files approvedsenders and blockedsenders, which can be found under C:\Documents and Settings\All Users\Application Data\ESET\ESET Mail Security\MailServer in Windows Server 2000 and 2003, and for Windows Server 2008 under C:\ProgramData\ESET\ESET Mail Security\MailServer. You can add sender addresses or domains to these lists, while the approvedsenders file represents the list of allowed
    addresses/domains, the blockedsenders file represents the list of blocked addresses/domains.

    If you require further assistance please contact ESET Support directly, so that we can have you submit specific entries from the ESET Mail Security Greylist, and Antispam logs:

    ESET Business Support:

    http://go.eset.com/us/support/contact/#business
     
  3. Fuze

    Fuze Registered Member

    Joined:
    Feb 28, 2013
    Posts:
    2
    Location:
    England
    Thanks for the response. I spoke to Eset support today, i've since installed the latest release candidate of Mail Security, and it all seems to be functioning as it should.

    Not really sure what was causing the issues, but it seems to have resolved itself now!
     
Thread Status:
Not open for further replies.