Greylisting delay

The sending server is free to decide when to retry the delivery of an email. So 60 seconds is not the time an email arrives, its the minimum time that the sending server must wait, so it may even wait an hour or longer to retry, if the admin of the sending system configured it like this.

 

This would be very low, and as Till said, the sending server may still take longer to retry.

 

Some mail services will retry very quickly, and a lower value can allow mail to get delivered faster. I think I've seen some spam which retries immediately and would pass if < 5 seconds, so I wouldn't go below 5 or maybe 10. On the most recent server I configured I set rspamd greylist timeout to 6 seconds, fwiw.

And on that note, you might consider the benefits of uninstalling postgrey entirely, then switching to rspamd and using it's greylisting feature, which activates at a score threshold, so mail which looks very unlike spam won't be greylisted, but mail which has more spam characteristics, yet not high enough to be marked as such, is delayed so that when/if it is retried, it's more likely to be on blacklists.

 

I should also note on this server I have postscreen in use, so a lot of spam that won't pass greylisting at all won't even hit rspamd. I don't know any stats offhand, but I think "greylist everything" used to be much more effective that it is today, with more (most?) spam coming from legit servers via compromised accounts; in that environment the purpose of greylisting is to gain a little more time for blacklists to catch up (and that's only a matter of seconds for some lists). Postscreen has no timeout (an immediate redelivery attempt will be allowed), and I use postwhite to bypass it for many large providers/mailers.

 

Yes.