How to determine why the Greylisting spam filter blocked or allowed a message

Answer

If you are questioning why an email was blocked or allowed by the Greylisting spam filter and would like more information, you can find further details in the log file for that filter. Use the following procedure to find the log and information regarding your message within it, and then use the examples below to interpret why the message was either blocked or allowed:

1. Find the message ID of the email in question by either gathering it from the headers of the message itself, or by looking for it in the MailEssentials Dashboard > Logs > Details tab
2. Open the ase_greylisting.gfi_log file in notepad from  ..\GFI\MailEssentials\AntiSpam\DebugLogs
   • This log is for the Greylisting Filter Module and corresponds to the Configuration > Anti-Spam > Anti Spam Filters > Greylisting in the interface
3. Do a search for the Message ID from the dashboard or the email headers.
   • Note: The Message IDs have been removed from the example log files below
   • Note: The bolded lines are the important ones in the log files for determine what has happened and why

Email was allowed by the module (any of the following):
 

• Email found in whitelist exclusion list, Bypass greylist - Remove from the autowhitelist, manual whitelist, or IP whitelist
• Email found in greylist exclusion list, Bypass greylist -  Remove from the Greylist Exclusions tab
• Connecting IP is a perimeter SMTP Server forwarding emails to this server, Bypass greylist - Remove from the perimeter servers list
• Interval larger than Block period - Authorize triple - This cannot be altered
• Triplet found in Temporary table - This cannot be altered

Email was blocked by the module:
 

• Interval [0] smaller than Block period - Send retry code- The sending server replied too quickly. It should attempt again in a few minutes and allow the message through.

Module is disabled: