Configuring antispam settings : Configuring greylisting : Configuring the grey list TTL and initial delay
Configuring the grey list TTL and initial delay
The Settings tab lets you configure time intervals used during the automatic greylisting process.
For more information on the automatic greylisting process, see “About greylisting”.
To access this part of the web UI, your administrator account’s:
Domain must be System
access profile must have Read or Read-Write permission to the Policy category
For details, see “About administrator account permissions and domains”.
To configure greylisting intervals
1. Go to AntiSpam > Greylist > Settings.
2. Configure the following:
GUI item
Description
TTL
Enter the time to live (TTL) that determines the maximum amount of time that unused automatic greylist entries will be retained.
Expiration dates of automatic greylist entries are determined by the following two factors:
Initial expiry period: After a greylist entry passes the greylist delay period and its status is changed to PASSTHROUGH, the entry’s initial expiry time is determined by the time you set with the CLI command set greylist-init-expiry-period under config antispam settings (see the FortiMail CLI Reference). The default initial expiry time is 4 hours. If the initial expiry time elapses without an email message matching the automatic greylist entry, the entry expires. But the entry will not be removed.
TTL: Between the entry’s PASSTHROUGH time and initial expiry time, if the entry is hit again (the sender retries to send the message again), the entry’s expiry time will be reset by adding the TTL value (time to live) to the message’s “Received” time. Each time an email message matches the entry, the life of the entry is prolonged; in this way, entries that are in active use do not expire. If the TTL elapses without an email message matching the automatic greylist entry, the entry expires. But the entry will not be removed.
For more information on automatic greylist entries, see “Viewing the greylist statuses”.
Greylisting period
Enter the length of the greylist delay period.
For the initial delivery attempt, if no manual greylist entry (exemption) matches the email message, the FortiMail unit creates a pending automatic greylist entry, and replies with a temporary failure code. During the greylist delay period after this initial delivery attempt, the FortiMail unit continues to reply to additional delivery attempts with a temporary failure code.
After the greylist delay period elapses and before the pending entry expires (during the greylist window), any additional delivery attempts will confirm the entry and convert it to an individual automatic greylist entry. The greylist scanner will then allow delivery of subsequent matching email messages. For more information on pending and individual automatic greylist entries, see “Viewing the pending and individual automatic greylist entries”.
 
 
You can use the CLI to change the default 4 hour greylist window. For more information, see the CLI command set greylist-init-expiry-period under config antispam settings in the FortiMail CLI Reference.