Author: Tafaz
Date: 13.04.2010
Scroll to the end of the ACL, just before the beginning of the next one, which is usually
# ACL that is used after the DATA command
check_message:
and insert:
# GreyListing
defer
  message = Sender verification for $sender_host_address in progress. Please try later.
  log_message = greylisted.
  !senders = :
  !hosts = : +relay_hosts : +whitelist_hosts : +whitelist_hosts_ip
  !authenticated = *
  !domains = : ${if exists {/etc/greylistd/skip-greylist}\
                           {/etc/greylistd/skip-greylist}{}}
  domains = +local_domains : +relay_domains
  verify = recipient/callout=20s,use_sender,defer_ok
  condition = ${readsocket{/var/run/greylistd/socket}\
                          {--grey \
                           $sender_host_address \
                           $sender_address \
                           @$domain}\
                          {5s}{}{false}}
deny
  message = $sender_host_address is blacklisted
  log_message = blacklisted.
  !senders = :
  !authenticated = *
  verify = recipient/callout=20s,use_sender,defer_ok
  condition = ${readsocket{/var/run/greylistd/socket}\
                          {--black \
                           $sender_host_address \
                           $sender_address \
                           $local_part@$domain}\
                          {5s}{}{false}}
Now, in the following ACL
# ACL that is used after the DATA command
check_message:
insert the following just before the accept statement:
defer
  message = Sender verification for $sender_host_address in progress. Please try later.
  log_message = greylisted.
  senders = :
  !hosts = : +relay_hosts : +whitelist_hosts : +whitelist_hosts_ip
  !authenticated = *
  condition = ${readsocket{/var/run/greylistd/socket}\
                          {--grey \
                           $sender_host_address \
                           $recipients}\
                          {5s}{}{false}}
deny
  message = $sender_host_address is blacklisted from delivering \
            mail from <$sender_address> to <$recipients>.
  log_message = blacklisted.
  !senders = :
  !authenticated = *
  condition = ${readsocket{/var/run/greylistd/socket}\
                          {--black \
                           $sender_host_address \
                           $recipients}\
                          {5s}{}{false}}
Now we can save exim.conf and restart Exim:
/etc/init.d/exim restart
If the restart completes without errors, we can check the Exim logs to see whether greylisting is working:
tail -f /var/log/exim/mainlog
If so, we'll find something like this:
2008-03-17 13:05:17 H=hore.iptelecom.net.ua [212.xx.224.8] F=<ins> temporarily rejected RCPT : greylisted.
We can also check the greylistd stats with the following command:
srv01:~# greylist stats
Statistics since Fri Apr 2 12:48:23 2010 (10 days and 21 hours ago)
--------------------------------------------------------------------
2798 items, matching 3374 requests, are currently whitelisted
0 items, matching 0 requests, are currently blacklisted
139 items, matching 144 requests, are currently greylisted
Of 3945 items that were initially greylisted:
- 2798 ( 70.9%) became whitelisted
- 1147 ( 29.1%) expired from the greylist
To allow trusted domains to skip greylisting, add them to /etc/greylistd/skip-greylist, one IP per line.
To add some public ISPs to the whitelist, you can get a list of trusted IPs here: http://users.aber.ac.uk/auj/spam/iplist.txt and add them to greylist. I wrote a little PHP script that you can run from cron every day to fetch this public whitelist and insert it into greylist automatically.
<?php
// Fetch the public whitelist; file_get_contents() returns false if the download fails.
$feed = file_get_contents("http://users.aber.ac.uk/auj/spam/iplist.txt");
if ($feed !== false && preg_match_all("#([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})#si", $feed, $matches)) { // extract the IPs from the file
    foreach ($matches[0] as $ip) {
        $status = exec("/usr/bin/greylist check " . escapeshellarg($ip)); // check whether the current IP is already whitelisted
        if ($status != 'white') {
            exec("/usr/bin/greylist add --white " . escapeshellarg($ip)); // insert the IP into the whitelist
        }
    }
} else {
    echo "GREYLIST: nothing to import";
}
?>
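A stricter take on the import step, as an added example rather than the article's own code: each address is validated with Python's ipaddress module before it is whitelisted, because the regex in the PHP script also matches strings like 999.10.10.10 and every whitelisted address bypasses greylisting. The greylist commands and the 'white' comparison are taken from the PHP script; MAX_ENTRIES, the function names and the sample feed are assumptions made up for the example.

```python
import ipaddress
import re
import subprocess

# Same loose pattern as the PHP script; it also matches strings like 999.10.10.10.
CANDIDATE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
MAX_ENTRIES = 5000  # assumed sanity cap; set it near the feed's usual size

# Constructed sample feed (not the real list): a duplicate, an out-of-range
# octet, and private/loopback entries that must never be whitelisted.
SAMPLE_FEED = """\
# trusted relays
8.8.8.8
9.9.9.9   # second relay
8.8.8.8
999.10.10.10
10.0.0.5
127.0.0.1
192.168.1.20
"""

def parse_feed(text):
    """Return the sorted, de-duplicated public IPv4 addresses found in text."""
    accepted = set()
    for candidate in CANDIDATE.findall(text):
        try:
            ip = ipaddress.IPv4Address(candidate)
        except ipaddress.AddressValueError:
            continue  # not a real address, e.g. an octet above 255
        if ip.is_global:  # drop private, loopback and link-local ranges
            accepted.add(ip)
    if len(accepted) > MAX_ENTRIES:
        raise ValueError("feed larger than expected, refusing to import")
    return [str(ip) for ip in sorted(accepted)]

def import_whitelist(ips, run=subprocess.run):
    """Whitelist each address that `greylist check` does not report as white."""
    added = []
    for ip in ips:
        check = run(["/usr/bin/greylist", "check", ip],
                    capture_output=True, text=True)
        if check.stdout.strip() != "white":
            run(["/usr/bin/greylist", "add", "--white", ip], check=True)
            added.append(ip)
    return added

if __name__ == "__main__":
    print(parse_feed(SAMPLE_FEED))  # parse only; nothing is added to greylistd
```

The size cap makes the cron job fail loudly if the feed, which is fetched over plain HTTP, suddenly grows far beyond its normal length.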

