Now that Greylisting is out in WHM 11.50, I have some suggestions.
1. Do not enable the option for whitelisting connecting IPs that pass SPF checks by default.
Why? Because you'll whitelist nearly all of the spamming IPs that are currently targeting cPanel servers since spammers use SPF/CKIM.
2. Enable much more robust logging in the mail logs
the developers of the CP greylist daemon should really check out smf-grey-milter for ideas. You need to provide decent logging that indicates that a message came in and was deferred due to greylisting, and then keep track of how long it was between the time the message was initially deferred and the time it was accepted by the server.
Make separate distinct log entries to differentiate between when the message was deferred and when it was accepted
3. Add an X-header to messages subjected to greylisting.
Use the information to add an X-header to the processed emails so that recipients can look at their message headers and see (a) that the message had originally been greylisted and (b) how long it was greylisted for.
4. Add the ability to whitelist by full/partial PTR match
This really is a must.
WhitelistPTR .ac1.yahoo.com #
WhitelistPTR .ac2.yahoo.com #
WhitelistPTR .ac3.yahoo.com #
WhitelistPTR .ac4.yahoo.com #
WhitelistPTR mailserver.bob.com #
Of course, with PTR / partial PTR whitelisting, you also need to perform a forward lookup and ensure that forward/reverse match up. Otherwise, there is nothing that prevents spammers from using .ac4.yahoo.com in their reverse [because the spam friendly companies are glad to provide the spammers with the ability to set any PTR they want].
Assume you whitelist .mx.mydomain.com (any host whose PTR record ends in .mx.mydomain.com)
An IP address connects with a PTR of d.mx.mydomain.com. The greylisting daemon does a forward lookup on d.mx.mydomain.com to make sure the returned IP matches the Ip address of the connecting server. If it doesn't, whitelisting doesn't occur.
I'm sure I'll have more comments. Hopefully the cPanel folks are open to further enhancing the greylisting daemon. Adding the ability to greylist is a great start, but my feeling is that you [cPanel] have a long way to go [and I'm sure you realize that].
SMF-GREY-MILTER works beautifully. I've used it for many years. You should take a look at its features to get an idea of what should be added to the CP greylisting daemon.