I’ve been trying to focus on Run Your Own Mail Server throughout October, and making some progress.
Greylisting is a divisive technique. The first time a site mails your server, greylisting delays messages from ten minutes to a couple hours. If people in your organization insist that email is instantaneous despite all evidence to the contrary, that’s a problem. If some web site uses email to send authentication codes that are valid for only ten minutes, that’s an problem. (The problem is that the web site is delivering ephemeral data via an unsuitable protocol but still, you must cope with it.) Some domains use large server farms of MTAs, and resend attempts almost never come from the same IP address. That’s definitely a problem.
One fun thing about greylisting is that you might accidentally deploy it. Postscreen’s deep inspection functions are not deliberate greylisting, but the effects are indistinguishable from greylisting.
I’m still offering sponsorships for RYOMS. But I’ll be offering them next week also. There’s no rush.