Submitted by daniel on Fri, 03/05/2019 - 13:15 I have experienced issues either directly or indirectly with organisations that use Amazon's Simple Email Service. After some investigation my plesk based mail server uses grey listing to cut down on spam emails. One consequence of this is if it does not recognise the mail server it will grey list it, essentially delaying the delivery of the said email. Eventually it will deliver it but chances are any token attached will have long expired. One approach to speed up the delivery of these types of emails is simply to add the said mail server to the list of white listed servers. Here I show you you how. Firstly we can see there is a problem by checking the mail logs: tail -1000 /var/log/maillog Here we can see entries like so May 3 12:05:55 loboweb2 postfix/smtpd[19565]: 853032183F: milter-reject: DATA from a8-91.smtp-out.amazonses.com[54.240.8.91]: 451 4.7.1 Service unavailable - try again later; from=<0100016a7d4d910a-c6785da7-e479-45ec-96ca-ce4660196fbf-000000@amazonses.com> to=<info@danlobo.co.uk> proto=ESMTP helo=<a8-91.smtp-out.amazonses.com> This tells us that there is a problem with delivery of Amazon SES emails. https://support.plesk.com/hc/en-us/articles/115003220374-Delivery-of-notification-mails-from-Amazon-SES-delayed-for-several-hours To resolve this we essentially need to white list Amazon's SES service to prevent a delay in receiving these emails. Lets first check to see which servers are already white listed: /usr/local/psa/bin/grey_listing --info-server This will return something like: Grey listing configuration. Grey listing checking enabled Grey interval 5 minutes Expire interval 51840 minutes Penalty interval 2 minutes Penalty disabled Personal grey listing configuration allowed Server-wide black list: Server-wide white list: *@amazonses.com White domains patterns list: *.amazonses.com *.office365.com *.outlook.com *.outlook.office.com *google.com *mail.ru *messaging.microsoft.com *parallels.com *plesk.com *rambler.ru *yahoo.com *yandex.ru Black domains patterns list: *[0-9][0-9]-[0-9][0-9]-[0-9][0-9]* *[0-9][0-9].[0-9][0-9].[0-9][0-9]* *[0-9][0-9][0-9]-[0-9][0-9][0-9]-[0-9][0-9][0-9]* *[0-9][0-9][0-9].[0-9][0-9][0-9].[0-9[0-9]][0-9]* dsl|broadband|hsd dsl|pool|broadband|hsd dynamic|static|ppp|dyn-ip|dial-up SUCCESS: Gathering of server wide information complete. [root@loboweb2 git]# /usr/local/psa/bin/grey_listing --info-server Grey listing configuration. Grey listing checking enabled Grey interval 5 minutes Expire interval 51840 minutes Penalty interval 2 minutes Penalty disabled Personal grey listing configuration allowed Server-wide black list: Server-wide white list: White domains patterns list: *.office365.com *.outlook.com *.outlook.office.com *google.com *mail.ru *messaging.microsoft.com *parallels.com *plesk.com *rambler.ru *yahoo.com *yandex.ru To add amazon to the 'White domains patterns list', use the folowing syntax: /usr/local/psa/bin/grey_listing --update-server -domains-whitelist add:*.amazonses.com For good measure you can also update the 'server wide white list'. /usr/local/psa/bin/grey_listing --update-server -whitelist add:*@amazonses.com I am not certain what the correct protocol here. Previous entries seem to use the -domain-whitelist where as other documentation seems to mention using the 'server wide white list'? Some further investigation required perhaps. Once done, check that the 'White domains patterns list' has been updated and then restart your mail service: /usr/local/psa/admin/sbin/mailmng-service --restart-service With a bit of luck you will now receive emails form amazon SES without a delay. Tags: Plesk Amazon SES Greylisting email Add new comment9 views Comments daniel grey listing linked in Okay it looks like there are other services other than amazon that are affected by grey listing. loboweb2 postfix/smtpd[23799]: D5E4920694: milter-reject: DATA from maila-dc.linkedin.com[108.174.6.139]: 451 4.7.1 Service unavailable - try again later; from=<m-56nh8tnvy42giet9lxih1r4c0sjnukfos1el6j36xgkwqfqsw2o20y7l@bounce.linkedin.com> to=<info@danlobo.co.uk> proto=ESMTP helo=<maila-dc.linkedin.com adding linkedin So I can confirm that simply running the following seems to circumvent the issue even with out restarting the mail server. /usr/local/psa/bin/grey_listing --update-server -domains-whitelist add:*.inkedin.com Reply Wed, 08/05/2019 - 12:15 Permalink Add new comment You must have JavaScript enabled to use this form. Your name Subject Comment About text formats Filtered HTML Web page addresses and email addresses turn into links automatically. Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> Lines and paragraphs break automatically. Save Preview
daniel grey listing linked in Okay it looks like there are other services other than amazon that are affected by grey listing. loboweb2 postfix/smtpd[23799]: D5E4920694: milter-reject: DATA from maila-dc.linkedin.com[108.174.6.139]: 451 4.7.1 Service unavailable - try again later; from=<m-56nh8tnvy42giet9lxih1r4c0sjnukfos1el6j36xgkwqfqsw2o20y7l@bounce.linkedin.com> to=<info@danlobo.co.uk> proto=ESMTP helo=<maila-dc.linkedin.com adding linkedin So I can confirm that simply running the following seems to circumvent the issue even with out restarting the mail server. /usr/local/psa/bin/grey_listing --update-server -domains-whitelist add:*.inkedin.com Reply Wed, 08/05/2019 - 12:15 Permalink