Idea ID: 2854683

Provide an automated way to deal with gray-listed IP addresses.

Status : New Idea

What is a gray-listed IP address? It is an IP address that is not on a blacklist but does not yet have a good reputation.

SMG provides filters/exceptions to test for and deal with messages from blacklisted sites. These tests are pretty much black and white (pun intended)!

One can search for blacklisted IP addresses and there are procedures for getting them removed from the various blacklists but gray-listed IP addresses are a different matter completely.

  • There is no published criteria describing how an IP's reputation is assessed.
  • We are able to specify a range of reputations which should be temporarily rejected but that is of limited benefit if we don't know how a reputation is calculated.
  • New SMTP servers may very well be assigned an IP address that has not previously been used to send email. It will therefore likely have a very poor initial reputation.

In previous versions of SMG, before messages were scanned by BitDefender, IP reputations would improve each time a server attempted to send the same email. BitDefender has no capability to dynamically change an IP's reputation but SMG continues to deal with gray-listed IP addresses as it did in previous versions: it returns a 4xx SMTP error code which instructs the sending SMTP server to "try again later".

There are two issues here:

  1. If an IP's reputation will never change when a message is resent, SMG will reach the same conclusion each time the message is processed. The SMTP server definitely should not be told to "try again later"! In this situation, the concept of a temporary fail is meaningless.
  2. There will always be new SMTP servers and there will always be IP addresses that do not yet have a good reputation. It is unreasonable to expect SMG customers to create exceptions each time this happens.

I consider item 1 to be a bug so I opened an SR (a case). I was told this was Working As Designed. To change the products current behavior requires an enhancement to the product hence, this idea is being created.

BitDefender will change an IP's reputation if requested to do so but the request has to come from Micro Focus who will make the request on our behalf but we must open a new case (SR) each time. This is impractical so it would seem another product enhancement is needed to automate this process.


Please vote!