Hi, we have multiple Sophos UTM and also XGs in place. running very fine except...
...all Mails from Office365 to Sophos are EVERY time delay for 15 minutes.
So I went to mail header and figured out to all mails from Microsoft:
srvvsophos exim-in: 2021-11-24 18:04:55 1mpvhW-0002Ew-1h Greylisting: Greylisted 18.104.22.168
Every mail from office365 is every time greylisted. They NEVER leave that.
Turning off greylisting in Sophos . All fine.
I will not believe that Office365 cloud is greylisted 24X365...
Best from Berlin
Kiekema hier: https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide
I'lI bet you can use just a few of the IPv4 subnets from there for a greylisting exception. You can see what IPs were greylisted and then passed in November with:
zgrep 'Successful greylist retry' /var/log/smtp/2021/11/*|grep -oP ' from .*? \('|sort -n|uniq -c|more
Please let us know which subnets you used.
Cheers - Bob