head 1.50; access; symbols milter-greylist-4-5-13:1.50 milter-greylist-4-5-12:1.50 milter-greylist-4-5-11:1.50 milter-greylist-4-5-10:1.50 milter-greylist-4-9-10:1.50 milter-greylist-4-5-8:1.50 milter-greylist-4-5-9:1.50 milter-greylist-4-5-7:1.50 milter-greylist-4-5-6:1.50 milter-greylist-4-5:1.50 milter-greylist-4-5-5:1.50 milter-greylist-4-5-4:1.50 milter-greylist-4-5-3:1.50 milter-greylist-4-5-2:1.50 milter-greylist-4-5-1:1.49 milter-greylist-4-4-3:1.49 milter-greylist-4-4-2:1.48 milter-greylist-4-4-1:1.48 milter-greylist-4-4:1.48 milter-greylist-4-4-rc1:1.48 milter-greylist-4-4-alpha4:1.48 milter-greylist-4-4-alpha3:1.48 milter-greylist-4-4-alpha2:1.48 milter-greylist-4-4-alpha1:1.48 milter-greylist-4-2-7:1.45.2.1 milter-greylist-4-3-9:1.48 milter-greylist-4-2-6:1.45.2.1 milter-gresylit-4-2-6:1.45.2.1 milter-greylist-4-3-8:1.48 milter-greylist-4-3-7:1.48 milter-greylist-4-2-5:1.45.2.1 milter-greylist-4-3-6:1.48 milter-greylist-4-2-4:1.45.2.1 milter-greylist-4-3-5:1.46 milter-greylist-4-3-4:1.46 milter-greylist-4-2-3:1.45.2.1 milter-greylist-4-3-3:1.46 rmilter-greylist-4-2-3:1.45.2.1 milter-greylist-4-3-2:1.46 milter-greylist-4-3-1:1.46 milter-greylist-2-2-2:1.45.2.1 milter-greylist-4-2-2:1.45.2.1 milter-greylist-4-2-1:1.45.2.1 milter-greylist-4-2:1.45.2.1 milter-greylist-4-2-rc1:1.45.2.1 milter-greylist-4-2-beta1:1.45 milter-greylist-4-2-branch:1.45.0.2 milter-greylist-4-2-base:1.45 milter-greylist-4-2-0-base:1.45 milter-greylist-4-1-12:1.44 milter-greylist-4-1-11:1.44 milter-greylist-4-1-10:1.44 milter-greylist-4-1-9:1.44 milter-greylist-4-1-8:1.44 milter-greylist-4-1-7:1.44 milter-greylist-4-1-6:1.44 milter-greylist-4-0-1:1.42.2.1 milter-greylist-4-0-1-rc1:1.42.2.1 milter-greylist-4-1-5:1.44 milter-greylist-4-1-4:1.44 milter-greylist-4-1-3:1.44 milter-greylist-4-1-2:1.44 milter-greylist-4-1-1:1.43 milter-greylist-4-0-branch:1.42.0.2 milter-greylist-4-0-base:1.42 milter-greylist-4-0:1.42 milter-greylist-4-0-rc2:1.41 milter-greylist-4-0-rc1:1.40 milter-greylist-4-0-beta4:1.40 milter-greylist-4-0-beta3:1.40 milter-greylist-4-0-beta2:1.40 milter-greylist-4-0-beta1:1.40 milter-greylist-4-0-alpha6:1.39 milter-greylist-4-0-alpha5:1.39 milter-greylist-4-0-alpha4:1.39 milter-greylist-4-0-alpha3:1.39 milter-greylist-4-0-alpha2:1.39 milter-greylist-4-0-alpha1:1.39 milter-greylist-3-1-8:1.39 milter-greylist-3-1-7:1.39 milter-greylist-3-1-6:1.39 milter-greylist-3-1-5:1.39 milter-greylist-3-1-5-alpha1:1.39 milter-greylist-3-0-1-beta1:1.37.2.2 milter-greylist-3-1-4:1.39 milter-greylist-3-1-3:1.39 milter-greylist-3-1-2:1.39 milter-greylist-3-1-1:1.39 milter-greylist-3-0:1.37.2.2 milter-greylist-3-0-rc7:1.37.2.2 milter-greylist-3-0-rc6:1.37.2.2 milter-greylist-3-0-rc5:1.37.2.2 milter-greylist-3-0-rc4:1.37.2.2 milter-greylist-3-0-rc3:1.37.2.1 milter-greylist-3-0-rc2:1.37.2.1 milter-greylist-3-0-rc1:1.37.2.1 milter-greylist-3-0-alpha6:1.37 milter-greylist-3-0-branch:1.37.0.2 milter-greylist-3-0-base:1.37 milter-greylist-3-0-alpha5:1.37 milter-greylist-3-0-alpha4:1.37 milter-greylist-3-0-alpha3:1.37 milter-greylist-3-0-alpha2:1.37 milter-greylist-3-0-alpha1:1.36 milter-greylist-2-1-12:1.36 milter-greylist-2-1-11:1.36 milter-greylist-2-1-10:1.36 milter-greylist-2-1-9:1.36 milter-greylist-2-1-9a1:1.36 milter-greylist-2-1-8:1.36 milter-greylist-2-1-7:1.36 milter-greylist-2-1-6:1.34 milter-greylist-2-1-5:1.34 milter-greylist-2-1-4:1.34 milter-greylist-2-1-3:1.33 milter-greylist-2-1-2:1.32 milter-greylist-2-1-1:1.32 milter-greylist-2-0-2:1.30 milter-greylist-2-0-1:1.30 milter-greylist-2-0-1-b1:1.30 milter-greylist-2-0-release:1.30 milter-greylist-2-0-rc5:1.30 milter-greylist-2-0-rc4:1.30 milter-greylist-2-0-rc3:1.27 milter-grey-list-2-0-rc3:1.27 milter-grey-list-2-0-rc2:1.27 milter-grey-list-2-0-rc1:1.27 milter-greylist-2-0-beta7:1.27 milter-greylist-2-0-beta6:1.27 milter-gre-ylist-2-0-beta5:1.27 milter-greylist-2-0-beta5:1.27 milter-greylist-2-0-beta4:1.27 milter-greylist-2-0-beta3:1.27 milter-greylist-2-0-beta2:1.27 milter-greylist-2-0:1.24.0.2 milter-greylist-2-0-base:1.24 milter-greylist-2-0-beta1:1.24 milter-greylist-1-7-5:1.24 before_delayed_tempfail:1.23 milter-greylist-1-7-4:1.19 milter-greylist-1-7-3:1.19 milter-greylist-1-7-2:1.19 milter-greylist-1-6-0:1.18.2.2 milter-greylist-1-7-1:1.18 milter-greylist-1-6rc1:1.18 milter-greylist-1-6:1.18.0.2 milter-greylist-1-6-base:1.18 milter-greylist-1-5-12:1.18 milter-greylist-1-5-11:1.17 milter-greylist-1-5-10:1.17 milter-greylist-1-5-9:1.17 milter-greylist-1-5-8:1.17 milter-greylist-1-5-7:1.17 milter-greylist-1-5-6:1.17 milter-greylist-1-5-5:1.15 milter-greylist-1-5-4:1.15 milter-greylist-1-5-3:1.15 milter-greylist-1-5-2:1.15 milter-greylist-1-5-1:1.15 milter-greylist-1-4:1.15.0.2 milter-greylist-1-4-base:1.15 milter-greylist-1-3-9:1.15 milter-greylist-1-3-8:1.15 milter-greylist-1-3-7:1.15 milter-greylist-1-3-6:1.15 milter-greylist-1-3-5:1.15 milter-greylist-1-3-4:1.14 milter-greylist-1-3-3:1.12 BDB:1.10.0.2 BDB-base:1.10 before_BDB:1.9 milter-greylist-1-2-2:1.6 milter-greylist-1-3-2:1.8 milter-greylist-1-2-1:1.6 milter-greylist-1-2-0:1.6 milter-greylist-1-2:1.6.0.2 milter-greylist-1-2-base:1.6 milter-greylist-1-1-16:1.6 milter-greylist-1-1-15:1.6 milter-greylis-1-1-15:1.6 milter-greylis-1-1-16:1.6 milter-greylist-1-1-14:1.6 milter-greylist-1-1-13:1.6 milter-greylist-1-1-12:1.6 milter-greylist-1-1-11:1.6 milter-greylist-1-1-10:1.6 milter-greylist-1-10rc1:1.6 milter-greylist-1-1-9:1.5 milter-greylist-1-1-8:1.5 milter-greylist-1-1-7:1.4 milter-greylist-1-1-6:1.4 milter-greylist-1-1-5:1.4 milter-greylist-1-1-4:1.4 milter-greylist-1-1-3:1.2 milter-greylist-1-1-2:1.2 milter-greylist-1-0-2:1.2 rmilter-greylist-1-0-1:1.2 milter-greylist-1-0-1:1.2 milter-greylist-1-1-1:1.2 milter-greylist-1-0-base:1.2 milter-greylist-1-0:1.2.0.2 milter-greylist-1-0-0:1.2 milter-greylist-0-27:1.2 milter-greylist-0-26:1.2 milter-greylist-0-25:1.2 milter-greylist-0-24:1.2 milter-greylist-0-23:1.2 milter-greylist-0-22:1.2 milter-greylist-0-21:1.2 milter-greylist-0-20:1.2 milter-greylist-0-19:1.2 milter-greylist-0-18:1.2 milter-greylist-0-17:1.2 milter-greylist-0-16:1.2 milter-greylist-0-15:1.2 milter-greylist-0-14:1.2 milter-greylist-0-13:1.2; locks; strict; comment @# @; 1.50 date 2013.08.13.12.45.08; author manu; state Exp; branches; next 1.49; 1.49 date 2013.01.27.02.10.19; author manu; state Exp; branches; next 1.48; 1.48 date 2010.04.15.07.51.29; author manu; state Exp; branches; next 1.47; 1.47 date 2010.04.12.12.04.41; author manu; state Exp; branches; next 1.46; 1.46 date 2009.02.12.22.38.20; author manu; state Exp; branches; next 1.45; 1.45 date 2009.02.10.04.09.57; author manu; state Exp; branches 1.45.2.1; next 1.44; 1.44 date 2008.05.15.00.08.26; author manu; state Exp; branches; next 1.43; 1.43 date 2008.02.27.05.00.54; author manu; state Exp; branches; next 1.42; 1.42 date 2007.10.25.03.20.11; author manu; state Exp; branches 1.42.2.1; next 1.41; 1.41 date 2007.10.23.11.28.21; author manu; state Exp; branches; next 1.40; 1.40 date 2007.06.15.04.26.00; author manu; state Exp; branches; next 1.39; 1.39 date 2006.09.27.20.03.49; author manu; state Exp; branches; next 1.38; 1.38 date 2006.09.20.07.50.09; author manu; state Exp; branches; next 1.37; 1.37 date 2006.08.20.04.49.49; author manu; state Exp; branches 1.37.2.1; next 1.36; 1.36 date 2006.07.27.09.23.00; author manu; state Exp; branches; next 1.35; 1.35 date 2006.07.27.09.21.04; author manu; state Exp; branches; next 1.34; 1.34 date 2006.02.17.19.46.13; author manu; state Exp; branches; next 1.33; 1.33 date 2006.01.11.06.40.39; author manu; state Exp; branches; next 1.32; 1.32 date 2006.01.08.00.38.25; author manu; state Exp; branches; next 1.31; 1.31 date 2005.11.30.23.32.13; author manu; state Exp; branches; next 1.30; 1.30 date 2005.06.09.20.28.43; author manu; state Exp; branches; next 1.29; 1.29 date 2005.06.08.19.46.28; author manu; state Exp; branches; next 1.28; 1.28 date 2005.06.08.19.36.42; author manu; state Exp; branches; next 1.27; 1.27 date 2005.02.13.23.43.47; author manu; state Exp; branches; next 1.26; 1.26 date 2005.02.13.23.42.01; author manu; state Exp; branches; next 1.25; 1.25 date 2005.02.13.16.02.13; author manu; state Exp; branches; next 1.24; 1.24 date 2005.01.29.18.42.53; author manu; state Exp; branches; next 1.23; 1.23 date 2005.01.29.18.22.28; author manu; state Exp; branches; next 1.22; 1.22 date 2004.12.30.10.00.56; author manu; state Exp; branches; next 1.21; 1.21 date 2004.12.29.21.28.04; author manu; state Exp; branches; next 1.20; 1.20 date 2004.12.28.21.46.05; author manu; state Exp; branches; next 1.19; 1.19 date 2004.12.09.00.04.01; author manu; state Exp; branches; next 1.18; 1.18 date 2004.11.09.06.57.07; author manu; state Exp; branches 1.18.2.1; next 1.17; 1.17 date 2004.08.10.10.15.06; author manu; state Exp; branches; next 1.16; 1.16 date 2004.08.08.21.24.20; author manu; state Exp; branches; next 1.15; 1.15 date 2004.05.27.13.09.36; author manu; state Exp; branches; next 1.14; 1.14 date 2004.05.26.21.50.13; author manu; state Exp; branches; next 1.13; 1.13 date 2004.05.26.09.14.29; author manu; state Exp; branches; next 1.12; 1.12 date 2004.05.24.21.57.36; author manu; state Exp; branches; next 1.11; 1.11 date 2004.05.24.21.22.02; author manu; state Exp; branches; next 1.10; 1.10 date 2004.05.15.08.41.54; author manu; state Exp; branches; next 1.9; 1.9 date 2004.05.03.13.52.30; author manu; state Exp; branches; next 1.8; 1.8 date 2004.04.30.19.08.24; author manu; state Exp; branches; next 1.7; 1.7 date 2004.04.22.23.27.57; author manu; state Exp; branches; next 1.6; 1.6 date 2004.04.02.15.06.53; author manu; state Exp; branches; next 1.5; 1.5 date 2004.04.01.21.23.08; author manu; state Exp; branches; next 1.4; 1.4 date 2004.03.31.12.10.16; author manu; state Exp; branches; next 1.3; 1.3 date 2004.03.31.11.39.26; author manu; state Exp; branches; next 1.2; 1.2 date 2004.03.10.21.37.54; author manu; state Exp; branches; next 1.1; 1.1 date 2004.03.10.21.11.45; author manu; state Exp; branches; next ; 1.45.2.1 date 2009.02.12.22.39.01; author manu; state Exp; branches; next ; 1.42.2.1 date 2008.02.27.05.01.47; author manu; state Exp; branches; next ; 1.37.2.1 date 2006.09.20.07.38.25; author manu; state Exp; branches; next 1.37.2.2; 1.37.2.2 date 2006.09.27.20.03.24; author manu; state Exp; branches; next ; 1.18.2.1 date 2004.12.08.23.24.56; author manu; state Exp; branches; next 1.18.2.2; 1.18.2.2 date 2004.12.08.23.27.10; author manu; state Exp; branches; next ; desc @@ 1.50 log @Bump to 4.5.2 @ text @# # Simple greylisting config file using the new features # See greylist2.conf for a more detailed list of available options # # $Id: greylist.conf,v 1.49 2013/01/27 02:10:19 manu Exp $ # pidfile "/var/run/milter-greylist.pid" socket "/var/milter-greylist/milter-greylist.sock" dumpfile "/var/milter-greylist/greylist.db" 600 dumpfreq 1 user "smmsp" # Log milter-greylist activity to a file #stat ">>/var/milter-greylist/greylist.log" \ # "%T{%Y/%m/%d %T} %d [%i] %f -> %r %S (ACL %A) %Xc %Xe %Xm %Xh\n" # Same, sent to syslog #stat "|logger -p local7.info" \ # "%T{%Y/%m/%d %T} %d [%i] %f -> %r %S (ACL %A) %Xc %Xe %Xm %Xh" # Be verbose (or use -v flag) #verbose # Do not tell spammer how long they have to wait quiet # MX peering #peer 192.0.2.17 #peer 192.0.2.18 # Your own network, which should not suffer greylisting list "my network" addr { 127.0.0.1/8 10.0.0.0/8 192.0.2.0/24 } # This is a list of broken MTAs that break with greylisting. Derived from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16 list "broken mta" addr { \ 12.5.136.141/32 \ # Southwest Airlines (unique sender) 12.5.136.142/32 \ # Southwest Airlines 12.5.136.143/32 \ # Southwest Airlines 12.5.136.144/32 \ # Southwest Airlines 12.107.209.244/32 \ # kernel.org (unique sender) 12.107.209.250/32 \ # sourceware.org (unique sender) 63.82.37.110/32 \ # SLmail 63.169.44.143/32 \ # Southwest Airlines 63.169.44.144/32 \ # Southwest Airlines 64.7.153.18/32 \ # sentex.ca (common pool) 64.12.136.0/24 \ # AOL (common pool) 64.12.137.0/24 \ # AOL 64.12.138.0/24 \ # AOL 64.124.204.39 \ # moveon.org (unique sender) 64.125.132.254/32 \ # collab.net (unique sender) 64.233.160.0/19 \ # Google 66.94.237.16/28 \ # Yahoo Groups servers (common pool) 66.94.237.32/28 \ # Yahoo Groups servers (common pool) 66.94.237.48/30 \ # Yahoo Groups servers (common pool) 66.100.210.82/32 \ # Groupwise? 66.135.192.0/19 \ # Ebay 66.162.216.166/32 \ # Groupwise? 66.206.22.82/32 \ # Plexor 66.206.22.83/32 \ # Plexor 66.206.22.84/32 \ # Plexor 66.206.22.85/32 \ # Plexor 66.218.66.0/23 \ # Yahoo Groups servers (common pool) 66.218.67.0/23 \ # Yahoo Groups servers (common pool) 66.218.68.0/23 \ # Yahoo Groups servers (common pool) 66.218.69.0/23 \ # Yahoo Groups servers (common pool) 66.27.51.218/32 \ # ljbtc.com (Groupwise) 66.102.0.0/20 \ # Google 66.249.80.0/20 \ # Google 72.14.192.0/18 \ # Google 74.125.0.0/16 \ # Google 152.163.225.0/24 \ # AOL 194.245.101.88/32 \ # Joker.com 195.235.39.19/32 \ # Tid InfoMail Exchanger v2.20 195.238.2.0/24 \ # skynet.be (wierd retry pattern, common pool) 195.238.3.0/24 \ # skynet.be 195.46.220.208/32 \ # mgn.net 195.46.220.209/32 \ # mgn.net 195.46.220.210/32 \ # mgn.net 195.46.220.211/32 \ # mgn.net 195.46.220.221/32 \ # mgn.net 195.46.220.222/32 \ # mgn.net 195.238.2.0/24 \ # skynet.be (wierd retry pattern) 195.238.3.0/24 \ # skynet.be 204.107.120.10/32 \ # Ameritrade (no retry) 205.188.0.0/16 \ # AOL 205.206.231.0/24 \ # SecurityFocus.com (unique sender) 207.115.63.0/24 \ # Prodigy - retries continually 207.171.168.0/24 \ # Amazon.com 207.171.180.0/24 \ # Amazon.com 207.171.187.0/24 \ # Amazon.com 207.171.188.0/24 \ # Amazon.com 207.171.190.0/24 \ # Amazon.com 209.132.176.174/32 \ # sourceware.org mailing lists (unique sender) 209.85.128.0/17 \ # Google 211.29.132.0/24 \ # optusnet.com.au (wierd retry pattern) 213.136.52.31/32 \ # Mysql.com (unique sender) 216.33.244.0/24 \ # Ebay 216.239.32.0/19 \ # Google 217.158.50.178/32 \ # AXKit mailing list (unique sender) } # List of users that want greylisting list "grey users" rcpt { \ user1@@example.com \ user2@@example.com \ user3@@example.com \ } # Give this a try if you enabled DNSRBL #dnsrbl "SORBS DUN" dnsbl.sorbs.net 127.0.0.10 #dnsrbl "SBL" sbl-xbl.spamhaus.org 127.0.0.2 #dnsrbl "CBL" sbl-xbl.spamhaus.org 127.0.0.4 #dnsrbl "NJABL" sbl-xbl.spamhaus.org 127.0.0.5 #dnsrbl "PBL" zen.spamhaus.org 127.0.0.10/31 #dnsrbl "MTAWL" list.dnswl.org 127.0.0.0/16 # Here is an example of user preference pulled from a LDAP directory # (requires building --with-libcurl). If the milterGreylistStatus # attribute is set to TRUE, then $usrRBL will be usable later in the # ACL and will carry the values of the usrRBL attribute. # urlcheck "userpref" \ # "ldap://localhost/dc=example,dc=net?milterGreylistStatus,usrRBL?one?mail=%r" \ # 30 getprop clear fork racl continue from /.*/ addheader "X-Greylist: inspected by %V for IP:'%i' DOMAIN:'%d' HELO:'%h' FROM:'%f' RCPT:'%r'" # And here is the access list racl whitelist list "my network" racl whitelist list "broken mta" #racl whitelist dnsrbl "MTAWL" #racl blacklist urlcheck "userpref" $usrRBL "CBL" dnsrbl "CBL" \ # msg "Sender IP caught in CBL blacklist" #racl blacklist $usrRBL "SBL" dnsrbl "BBL" \ # msg "Sender IP caught in SBL blacklist" #racl blacklist $usrRBL "NJABL" dnsrbl "NJABL" \ # msg "Sender IP caught in NJABL blacklist" #racl greylist list "grey users" dnsrbl "SORBS DUN" delay 24h autowhite 3d racl greylist list "grey users" delay 30m autowhite 3d racl whitelist default # Example of content filtering for fighting image SPAM #dacl blacklist body /src[:blank:]*=(3D)?[:blank:]*["']?[:blank:]*cid:/ \ # msg "Sorry, We do not accept images embedded in HTML" @ 1.49 log @Fix swapped %f and %r for stat example in default greylist.conf @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.48 2010/04/15 07:51:29 manu Exp $ d14 1 d127 2 @ 1.48 log @Make sure / is correctly reported by lex @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.47 2010/04/12 12:04:41 manu Exp $ d16 1 a16 1 # "%T{%Y/%m/%d %T} %d [%i] %r -> %f %S (ACL %A) %Xc %Xe %Xm %Xh\n" d19 1 a19 1 # "%T{%Y/%m/%d %T} %d [%i] %r -> %f %S (ACL %A) %Xc %Xe %Xm %Xh" @ 1.47 log @New rate limiting feature. Account by IP, by recipient, account by whatever you want! @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.46 2009/02/12 22:38:20 manu Exp $ a13 2 ratelimit "test" 1000 msgp 1m key "%i" @ 1.46 log @Remove outdated DNSRBL @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.45 2009/02/10 04:09:57 manu Exp $ d14 2 @ 1.45 log @Fix socket mode in sample config file @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.44 2008/05/15 00:08:26 manu Exp $ a115 1 #dnsrbl "TQM3-DHCP" dhcp.tqmcube.com 127.0.0.2 @ 1.45.2.1 log @Remove outdated DNSRBL @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.45 2009/02/10 04:09:57 manu Exp $ d116 1 @ 1.44 log @More gmail mail farm in greylist.conf @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.43 2008/02/27 05:00:54 manu Exp $ d10 1 a10 1 dumpfile "/var/milter-greylist/greylist.db" 755 @ 1.43 log @Fix error about stat in greylist.conf (Bob Smith) @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.42 2007/10/25 03:20:11 manu Exp $ d71 1 @ 1.42 log @More 4.0 features examples to default greylist.conf @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.41 2007/10/23 11:28:21 manu Exp $ d10 2 a11 1 dumpfile "/var/milter-greylist/greylist.db" d15 2 a16 2 #stat "/var/milter-greylist/greylist.log" \ # "%T{%Y/%m/%d %T} %d [%i] %r -> %f %S (ACL %A) %Xc %Xe %Xm %Xh" @ 1.42.2.1 log @Fix error about stat in greylist.conf (Bob Smith ) @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.42 2007/10/25 03:20:11 manu Exp $ d10 1 a10 2 dumpfile "/var/milter-greylist/greylist.db" 755 dumpfreq 1 d14 2 a15 2 #stat ">>/var/milter-greylist/greylist.log" \ # "%T{%Y/%m/%d %T} %d [%i] %r -> %f %S (ACL %A) %Xc %Xe %Xm %Xh\n" @ 1.41 log @Add 4.0 features examples to default greylist.conf @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.40 2007/06/15 04:26:00 manu Exp $ d113 3 d128 1 @ 1.40 log @dd google pools to default greylist.conf @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.39 2006/09/27 20:03:49 manu Exp $ d13 7 d110 11 d123 15 a137 5 acl whitelist list "my network" acl whitelist list "broken mta" #acl greylist list "grey users" dnsrbl "SORBS DUN" delay 24h autowhite 3d acl greylist list "grey users" delay 30m autowhite 3d acl whitelist default @ 1.39 log @Updated list of broken MTA @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.38 2006/09/20 07:50:09 manu Exp $ d44 1 d60 3 d86 1 d90 1 @ 1.38 log @Warn about ignored ACL lines after acl default rule @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.37 2006/08/20 04:49:49 manu Exp $ d26 2 a27 2 # This is a list of broken MTAs that break with greylisting. Copied from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.12 d36 2 d57 1 d62 2 d81 1 a102 1 acl greylist list "grey users" delay 30m autowhite 3d @ 1.37 log @Update config files for 3.0 @ text @d5 1 a5 1 # $Id: greylist3.conf,v 1.4 2006/07/28 16:44:17 manu Exp $ d97 1 @ 1.37.2.1 log @Warn about ignored ACL lines after acl default rule @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.37 2006/08/20 04:49:49 manu Exp $ a96 1 acl greylist list "grey users" delay 30m autowhite 3d @ 1.37.2.2 log @Updated list of broken MTA @ text @d5 1 a5 1 # $Id: greylist.conf,v 1.37.2.1 2006/09/20 07:38:25 manu Exp $ d26 2 a27 2 # This is a list of broken MTAs that break with greylisting. Derived from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16 a35 2 63.169.44.143/32 \ # Southwest Airlines 63.169.44.144/32 \ # Southwest Airlines a54 1 66.218.69.0/23 \ # Yahoo Groups servers (common pool) a58 2 195.238.2.0/24 \ # skynet.be (wierd retry pattern, common pool) 195.238.3.0/24 \ # skynet.be a75 1 209.132.176.174/32 \ # sourceware.org mailing lists (unique sender) d97 1 @ 1.36 log @Newer config file @ text @d2 2 a3 1 # Greylisting config file d5 1 a5 1 # $Id: greylist.conf2,v 1.1 2006/07/27 09:12:46 manu Exp $ d8 6 a13 4 # Uncomment this to enable debug output. # Note that options appearing before the "verbose" option in this # file will not be treated verbosely. # May be overridden by the "-v" command line argument. d16 4 a19 2 # If you work with multiple MXs, list them with # peer entries to enable greylist sync among the MXs. d23 2 a24 165 # You may wish to use a specific local address or port for # syncing between MXs. Of course one of your interfaces # must have the address assigned. An '*' for the address # means any address. #syncaddr * #syncaddr * port 7689 #syncaddr 192.0.2.2 #syncaddr 192.0.2.2 port 9785 #syncaddr 2001:db8::1:c3b5:123 #syncaddr 2001:db8::1:c3b5:123 port 1234 # Specific IP-Address for outbound sync-connections # between MXs. If blank, system selects an ip. # syncsrcaddr 123.45.678.9 # Greylisting your own MTA is a very bad idea: never # comment this line, except for testing purposes. acl whitelist addr 127.0.0.0/8 # If you use IPv6, uncomment this. #acl whitelist addr ::1/128 # You will want to avoid greylisting your own clients # as well, by filtering out your IP address blocks. # Here is an example if you use 192.0.2.0/16. #acl whitelist addr 192.0.2.0/16 # It is also possible to whitelist sender # machines using their DNS names. #acl whitelist domain example.net # You can avoid greylisting by filtering on the sender # envelope address, but this is not a good idea: it # can be trivially forged. #acl whitelist from friendly@@example.com # Some of your users do not get any spam because # their addresses have never been collected by # spammers. They will want to avoid the extra delivery # delay caused by grey listing. You can filter on the # recipient envelope address to achieve that. #acl whitelist rcpt John.Doe@@example.net # It is possible to use regular expressions in domain, from # and rcpt lines. The expression must be enclosed by # slashes (/). Note that no escaping is available to # provide slashes inside the regular expression. #acl whitelist rcpt /.*@@example\.net/ # This option tells milter-greylist when it should # add an X-Greylist header. Default is all, which # causes a header to always be added. Other possible # values are none, delays and nodelays #report all # This option attempts to make milter-greylist more # friendly with sender callback systems. When the # message is from <>, it will be temporarily # rejected at the DATA stage instead of the RCPT # stage of the SMTP transaction. In the case of a # multi recipient DSN, whitelisted recipient will # not be honoured. #delayedreject # Uncomment if you want auto-whitelist to work for # the IP rather than for the (IP, sender, receiver) # tuple. #lazyaw # How often should we dump to the dumpfile (0: on each change, -1: never). #dumpfreq 10m # This option disables the conversion of the time specified in the # integer format to humanly readable format in the comment of each # line in the dumpfile. # Time needed in order to dump large dumpfiles (several milion # entries/few 100's of MB) can be significantly improved. #dump_no_time_translation # This option causes greylist entries that expire to be logged via # syslog. This allows you to collect the IP addresses and sender # names and use them for blacklisting, SPAM scoring, etc. #logexpired # How long will the greylist database retain tuples. #timeout 5d # Do not use ${greylist} macros from sendmail's access DB. #noaccessdb # Use extended regular expressions instead of basic # regular expressions. #extendedregex # # All of the following options have command-line equivalents. # See greylist.conf(5) for the exact equivalences. # # How long a client has to wait before we accept # the messages it retries to send. Here, 1 hour. # May be overridden by the "-w greylist_delay" command line argument. #greylist 1h # How long does auto-whitelisting last (set it to 0 # to disable auto-whitelisting). Here, 3 days. # May be overridden by the "-a autowhite_delay" command line argument. #autowhite 3d # Specify the netmask to be used when checking IPv4 addresses # in the greylist. # May be overridden by the "-L cidrmask" command line argument. #subnetmatch /24 # Specify the netmask to be used when checking IPv6 addresses # in the greylist. # May be overridden by the "-M prefixlen" command line argument. #subnetmatch6 /64 # Normally, clients that succeed SMTP AUTH are not # greylisted. Uncomment this if you want to # greylist them regardless of SMTP AUTH. # May be overridden by the "-A" command line argument. #noauth # If milter-greylist was built with SPF support, then # SPF-compliant senders are not greylisted. Uncomment # this to greylist them regardless of SPF compliance. # May be overridden by the "-S" command line argument. #nospf # If milter-greylist was built with DRAC support, # then DRAC DB location can be specified here #drac db "/usr/local/etc/drac.db" # Uncomment this to disable DRAC #nodrac # Uncomment if you want milter-greylist to remain # in the foreground (no daemon). # May be overridden by the "-D" command line argument. #nodetach # Uncomment this if you do not want milter-greylist # to tell its clients how long they are greylisted. # May be overridden by the "-q" command line argument. #quiet # You can specify a file where milter-greylist will # store its PID. # May be overridden by the "-P pidfile" command line argument. #pidfile "/var/run/milter-greylist.pid" # You can specify the socket file used to communicate # with sendmail. # May be overridden by the "-p socket" command line argument. #socket "/var/milter-greylist/milter-greylist.sock" # The dumpfile location. # May be overridden by the "-d dumpfile" command line argument. #dumpfile "/var/milter-greylist/greylist.db" # The user the milter should run as. # May be overridden by the "-u username" command line argument. #user "smmsp" d28 70 a97 51 acl whitelist addr 12.5.136.141/32 # Southwest Airlines (unique sender) acl whitelist addr 12.5.136.142/32 # Southwest Airlines acl whitelist addr 12.5.136.143/32 # Southwest Airlines acl whitelist addr 12.5.136.144/32 # Southwest Airlines acl whitelist addr 12.107.209.244/32 # kernel.org (unique sender) acl whitelist addr 12.107.209.250/32 # sourceware.org (unique sender) acl whitelist addr 63.82.37.110/32 # SLmail acl whitelist addr 64.7.153.18/32 # sentex.ca (common pool) acl whitelist addr 64.12.136.0/24 # AOL (common pool) acl whitelist addr 64.12.137.0/24 # AOL acl whitelist addr 64.12.138.0/24 # AOL acl whitelist addr 64.124.204.39 # moveon.org (unique sender) acl whitelist addr 64.125.132.254/32 # collab.net (unique sender) acl whitelist addr 66.94.237.16/28 # Yahoo Groups servers (common pool) acl whitelist addr 66.94.237.32/28 # Yahoo Groups servers (common pool) acl whitelist addr 66.94.237.48/30 # Yahoo Groups servers (common pool) acl whitelist addr 66.100.210.82/32 # Groupwise? acl whitelist addr 66.135.192.0/19 # Ebay acl whitelist addr 66.162.216.166/32 # Groupwise? acl whitelist addr 66.206.22.82/32 # Plexor acl whitelist addr 66.206.22.83/32 # Plexor acl whitelist addr 66.206.22.84/32 # Plexor acl whitelist addr 66.206.22.85/32 # Plexor acl whitelist addr 66.218.66.0/23 # Yahoo Groups servers (common pool) acl whitelist addr 66.218.67.0/23 # Yahoo Groups servers (common pool) acl whitelist addr 66.218.68.0/23 # Yahoo Groups servers (common pool) acl whitelist addr 66.27.51.218/32 # ljbtc.com (Groupwise) acl whitelist addr 152.163.225.0/24 # AOL acl whitelist addr 194.245.101.88/32 # Joker.com acl whitelist addr 195.235.39.19/32 # Tid InfoMail Exchanger v2.20 acl whitelist addr 195.46.220.208/32 # mgn.net acl whitelist addr 195.46.220.209/32 # mgn.net acl whitelist addr 195.46.220.210/32 # mgn.net acl whitelist addr 195.46.220.211/32 # mgn.net acl whitelist addr 195.46.220.221/32 # mgn.net acl whitelist addr 195.46.220.222/32 # mgn.net acl whitelist addr 195.238.2.0/24 # skynet.be (wierd retry pattern) acl whitelist addr 195.238.3.0/24 # skynet.be acl whitelist addr 204.107.120.10/32 # Ameritrade (no retry) acl whitelist addr 205.188.0.0/16 # AOL acl whitelist addr 205.206.231.0/24 # SecurityFocus.com (unique sender) acl whitelist addr 207.115.63.0/24 # Prodigy - retries continually acl whitelist addr 207.171.168.0/24 # Amazon.com acl whitelist addr 207.171.180.0/24 # Amazon.com acl whitelist addr 207.171.187.0/24 # Amazon.com acl whitelist addr 207.171.188.0/24 # Amazon.com acl whitelist addr 207.171.190.0/24 # Amazon.com acl whitelist addr 211.29.132.0/24 # optusnet.com.au (wierd retry pattern) acl whitelist addr 213.136.52.31/32 # Mysql.com (unique sender) acl whitelist addr 216.33.244.0/24 # Ebay acl whitelist addr 217.158.50.178/32 # AXKit mailing list (unique sender) @ 1.35 log @Simplified config file @ text @d2 1 a2 2 # Simple greylisting config file # See greylist.conf2 for a fully documented file with all options d4 1 a4 1 # $Id: greylist.conf,v 1.34 2006/02/17 19:46:13 manu Exp $ d7 4 a10 6 pidfile "/var/run/milter-greylist.pid" socket "/var/milter-greylist/milter-greylist.sock" dumpfile "/var/milter-greylist/greylist.db" user "smmsp" # Be verbose (or use -v flag) d13 2 a14 4 # Do not tell spammer how long they have to wait quiet # MX peering d18 165 a182 2 # Your own network, which should not suffer greylisting list "my network" addr { 127.0.0.1/8 10.0.0.0/8 192.0.2.0/24 } d186 51 a236 10 list "broken mta" addr { 12.5.136.141/32 12.5.136.142/32 12.5.136.143/32 12.5.136.144/32 12.107.209.244/32 12.107.209.250/32 63.82.37.110/32 64.7.153.18/32 64.12.136.0/24 64.12.137.0/24 64.12.138.0/24 64.124.204.39 64.125.132.254/32 66.94.237.16/28 66.94.237.32/28 66.94.237.48/30 66.100.210.82/32 66.135.192.0/19 66.162.216.166/32 66.206.22.82/32 66.206.22.83/32 66.206.22.84/32 66.206.22.85/32 66.218.66.0/23 66.218.67.0/23 66.218.68.0/23 66.27.51.218/32 152.163.225.0/24 194.245.101.88/32 195.235.39.19/32 195.46.220.208/32 195.46.220.209/32 195.46.220.210/32 195.46.220.211/32 195.46.220.221/32 195.46.220.222/32 195.238.2.0/24 195.238.3.0/24 204.107.120.10/32 205.188.0.0/16 205.206.231.0/24 207.115.63.0/24 207.171.168.0/24 207.171.180.0/24 207.171.187.0/24 207.171.188.0/24 207.171.190.0/24 211.29.132.0/24 213.136.52.31/32 216.33.244.0/24 217.158.50.178/32 } # List of users that want greylisting list "grey users" rcpt { user1@@example.com user2@@example.com user3@@example.com } # And the access list acl whitelist list "my network" acl whitelist list "broken mta" acl greylist list "grey users" delay 30m autowhite 3d acl whitelist default @ 1.34 log @Option to log expired entries (Jeff Rife) @ text @d2 2 a3 1 # Greylisting config file d5 1 a5 1 # $Id: greylist.conf,v 1.33 2006/01/11 06:40:39 manu Exp $ d8 6 a13 4 # Uncomment this to enable debug output. # Note that options appearing before the "verbose" option in this # file will not be treated verbosely. # May be overridden by the "-v" command line argument. d16 4 a19 2 # If you work with multiple MXs, list them with # peer entries to enable greylist sync among the MXs. d23 2 d26 3 a28 92 # You may wish to use a specific local address or port for # syncing between MXs. Of course one of your interfaces # must have the address assigned. An '*' for the address # means any address. #syncaddr * #syncaddr * port 7689 #syncaddr 192.0.2.2 #syncaddr 192.0.2.2 port 9785 #syncaddr 2001:db8::1:c3b5:123 #syncaddr 2001:db8::1:c3b5:123 port 1234 # Specific IP-Address for outbound sync-connections # between MXs. If blank, system selects an ip. # syncsrcaddr 123.45.678.9 # Greylisting your own MTA is a very bad idea: never # comment this line, except for testing purposes. acl whitelist addr 127.0.0.0/8 # If you use IPv6, uncomment this. #acl whitelist addr ::1/128 # You will want to avoid greylisting your own clients # as well, by filtering out your IP address blocks. # Here is an example if you use 192.0.2.0/16. #acl whitelist addr 192.0.2.0/16 # It is also possible to whitelist sender # machines using their DNS names. #acl whitelist domain example.net # You can avoid greylisting by filtering on the sender # envelope address, but this is not a good idea: it # can be trivially forged. #acl whitelist from friendly@@example.com # Some of your users do not get any spam because # their addresses have never been collected by # spammers. They will want to avoid the extra delivery # delay caused by grey listing. You can filter on the # recipient envelope address to achieve that. #acl whitelist rcpt John.Doe@@example.net # It is possible to use regular expressions in domain, from # and rcpt lines. The expression must be enclosed by # slashes (/). Note that no escaping is available to # provide slashes inside the regular expression. #acl whitelist rcpt /.*@@example\.net/ # This option tells milter-greylist when it should # add an X-Greylist header. Default is all, which # causes a header to always be added. Other possible # values are none, delays and nodelays #report all # This option attempts to make milter-greylist more # friendly with sender callback systems. When the # message is from <>, it will be temporarily # rejected at the DATA stage instead of the RCPT # stage of the SMTP transaction. In the case of a # multi recipient DSN, whitelisted recipient will # not be honoured. #delayedreject # Uncomment if you want auto-whitelist to work for # the IP rather than for the (IP, sender, receiver) # tuple. #lazyaw # How often should we dump to the dumpfile (0: on each change, -1: never). #dumpfreq 10m # This option disables the conversion of the time specified in the # integer format to humanly readable format in the comment of each # line in the dumpfile. # Time needed in order to dump large dumpfiles (several milion # entries/few 100's of MB) can be significantly improved. #dump_no_time_translation # This option causes greylist entries that expire to be logged via # syslog. This allows you to collect the IP addresses and sender # names and use them for blacklisting, SPAM scoring, etc. #logexpired # How long will the greylist database retain tuples. #timeout 5d # Do not use ${greylist} macros from sendmail's access DB. #noaccessdb # Use extended regular expressions instead of basic # regular expressions. #extendedregex d30 2 a31 71 # # All of the following options have command-line equivalents. # See greylist.conf(5) for the exact equivalences. # # How long a client has to wait before we accept # the messages it retries to send. Here, 1 hour. # May be overridden by the "-w greylist_delay" command line argument. #greylist 1h # How long does auto-whitelisting last (set it to 0 # to disable auto-whitelisting). Here, 3 days. # May be overridden by the "-a autowhite_delay" command line argument. #autowhite 3d # Specify the netmask to be used when checking IPv4 addresses # in the greylist. # May be overridden by the "-L cidrmask" command line argument. #subnetmatch /24 # Specify the netmask to be used when checking IPv6 addresses # in the greylist. # May be overridden by the "-M prefixlen" command line argument. #subnetmatch6 /64 # Normally, clients that succeed SMTP AUTH are not # greylisted. Uncomment this if you want to # greylist them regardless of SMTP AUTH. # May be overridden by the "-A" command line argument. #noauth # If milter-greylist was built with SPF support, then # SPF-compliant senders are not greylisted. Uncomment # this to greylist them regardless of SPF compliance. # May be overridden by the "-S" command line argument. #nospf # If milter-greylist was built with DRAC support, # then DRAC DB location can be specified here #drac db "/usr/local/etc/drac.db" # Uncomment this to disable DRAC #nodrac # Uncomment if you want milter-greylist to remain # in the foreground (no daemon). # May be overridden by the "-D" command line argument. #nodetach # Uncomment this if you do not want milter-greylist # to tell its clients how long they are greylisted. # May be overridden by the "-q" command line argument. #quiet # You can specify a file where milter-greylist will # store its PID. # May be overridden by the "-P pidfile" command line argument. #pidfile "/var/run/milter-greylist.pid" # You can specify the socket file used to communicate # with sendmail. # May be overridden by the "-p socket" command line argument. #socket "/var/milter-greylist/milter-greylist.sock" # The dumpfile location. # May be overridden by the "-d dumpfile" command line argument. #dumpfile "/var/milter-greylist/greylist.db" # The user the milter should run as. # May be overridden by the "-u username" command line argument. #user "smmsp" d33 5 a37 53 # This is a list of broken MTAs that break with greylisting. Copied from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.12 acl whitelist addr 12.5.136.141/32 # Southwest Airlines (unique sender) acl whitelist addr 12.5.136.142/32 # Southwest Airlines acl whitelist addr 12.5.136.143/32 # Southwest Airlines acl whitelist addr 12.5.136.144/32 # Southwest Airlines acl whitelist addr 12.107.209.244/32 # kernel.org (unique sender) acl whitelist addr 12.107.209.250/32 # sourceware.org (unique sender) acl whitelist addr 63.82.37.110/32 # SLmail acl whitelist addr 64.7.153.18/32 # sentex.ca (common pool) acl whitelist addr 64.12.136.0/24 # AOL (common pool) acl whitelist addr 64.12.137.0/24 # AOL acl whitelist addr 64.12.138.0/24 # AOL acl whitelist addr 64.124.204.39 # moveon.org (unique sender) acl whitelist addr 64.125.132.254/32 # collab.net (unique sender) acl whitelist addr 66.94.237.16/28 # Yahoo Groups servers (common pool) acl whitelist addr 66.94.237.32/28 # Yahoo Groups servers (common pool) acl whitelist addr 66.94.237.48/30 # Yahoo Groups servers (common pool) acl whitelist addr 66.100.210.82/32 # Groupwise? acl whitelist addr 66.135.192.0/19 # Ebay acl whitelist addr 66.162.216.166/32 # Groupwise? acl whitelist addr 66.206.22.82/32 # Plexor acl whitelist addr 66.206.22.83/32 # Plexor acl whitelist addr 66.206.22.84/32 # Plexor acl whitelist addr 66.206.22.85/32 # Plexor acl whitelist addr 66.218.66.0/23 # Yahoo Groups servers (common pool) acl whitelist addr 66.218.67.0/23 # Yahoo Groups servers (common pool) acl whitelist addr 66.218.68.0/23 # Yahoo Groups servers (common pool) acl whitelist addr 66.27.51.218/32 # ljbtc.com (Groupwise) acl whitelist addr 152.163.225.0/24 # AOL acl whitelist addr 194.245.101.88/32 # Joker.com acl whitelist addr 195.235.39.19/32 # Tid InfoMail Exchanger v2.20 acl whitelist addr 195.46.220.208/32 # mgn.net acl whitelist addr 195.46.220.209/32 # mgn.net acl whitelist addr 195.46.220.210/32 # mgn.net acl whitelist addr 195.46.220.211/32 # mgn.net acl whitelist addr 195.46.220.221/32 # mgn.net acl whitelist addr 195.46.220.222/32 # mgn.net acl whitelist addr 195.238.2.0/24 # skynet.be (wierd retry pattern) acl whitelist addr 195.238.3.0/24 # skynet.be acl whitelist addr 204.107.120.10/32 # Ameritrade (no retry) acl whitelist addr 205.188.0.0/16 # AOL acl whitelist addr 205.206.231.0/24 # SecurityFocus.com (unique sender) acl whitelist addr 207.115.63.0/24 # Prodigy - retries continually acl whitelist addr 207.171.168.0/24 # Amazon.com acl whitelist addr 207.171.180.0/24 # Amazon.com acl whitelist addr 207.171.187.0/24 # Amazon.com acl whitelist addr 207.171.188.0/24 # Amazon.com acl whitelist addr 207.171.190.0/24 # Amazon.com acl whitelist addr 211.29.132.0/24 # optusnet.com.au (wierd retry pattern) acl whitelist addr 213.136.52.31/32 # Mysql.com (unique sender) acl whitelist addr 216.33.244.0/24 # Ebay acl whitelist addr 217.158.50.178/32 # AXKit mailing list (unique sender) @ 1.33 log @Selectable MX sync source address @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.32 2006/01/08 00:38:25 manu Exp $ d98 4 @ 1.32 log @From Ranko Zivojnovic : * Bucketed search of autowhitelisted and pending entries rather than write-locked only-one-at-the-time search * Large buffer for writing the dump file * Disabled having the time comment by default next to each line in the dump (improves dump performance by order of magnitude on my Solaris). If "verbose" enabled - behavior will be as before * 'mxsync' client connection is set non-blocking, but there were no checks if fprintf actually delivers the complete sync message to the peer or just the part of it. * Also, when reading the 'mxsync' client connection, being non- blocking, fgets() can bail out with NULL and EAGAIN which is not fatal error for the connection. @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.31 2005/11/30 23:32:13 manu Exp $ d30 4 @ 1.31 log @DRAC support @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.30 2005/06/09 20:28:43 manu Exp $ d87 7 @ 1.30 log @Remove non broken MTA from the config file @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.29 2005/06/08 19:46:28 manu Exp $ d134 7 @ 1.29 log @Documentation fixes @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.27 2005/02/13 23:43:47 manu Exp $ a213 12 acl whitelist addr 216.155.201.59/32 # Yahoo groups acl whitelist addr 216.155.201.60/32 acl whitelist addr 216.155.201.61/32 acl whitelist addr 216.155.201.62/32 acl whitelist addr 216.155.201.63/32 acl whitelist addr 216.155.201.64/32 acl whitelist addr 216.155.201.65/32 acl whitelist addr 216.155.201.66/32 acl whitelist addr 216.155.201.67/32 acl whitelist addr 216.155.201.68/32 acl whitelist addr 216.155.201.69/32 acl whitelist addr 216.155.201.70/32 @ 1.28 log @New MTA farm in the default config @ text @d7 1 a7 1 # Uncomment this to enable verbose output. d13 2 a14 2 # If you work with multiple MX, list them with # peer entries to enable greylist sync among the MX d19 3 a21 3 # You may wish to use a specific local address or port for # syncing between MXes. Of course one of your interfaces # must have the address assigned. An '*' for the address d30 1 a30 1 # Greylisting your own MTA is a very bad idea: never d34 1 a34 1 # If you use IPv6, uncomment this d37 1 a37 1 # You will want to avoid greylisting your own clients d39 1 a39 1 # Here is an example if you use 192.0.2.0/16 d42 1 a42 1 # It is also possible de whitelist machines sender d46 2 a47 2 # You can avoid greylisting by filtering on the sender # enveloppe address but this is not a good idea: it d51 3 a53 3 # Some of your users do not get any spam because # their addresses have never been collected by # spammers. They will want to avoid the extra delivery d55 1 a55 1 # recipient enveloppe address to achieve that. d58 1 a58 1 # It is possible to use regular expressions in from d60 1 a60 1 # slashes (/). Note that no escaping is available to d72 1 a72 1 # message is from <>, it will be temporarilly d74 1 a74 1 # stage of the SMTP transaction. In the case of a d79 18 d102 1 a102 1 # How long a client has to wait before we accept d104 1 a104 1 # May be overridden by the command line argument "-w xxx". d107 3 a109 3 # How long does auto-whitelisting lasts (set it to 0 # to disable auto-whitelisting). Here, 3 days # May be overridden by the "-a" command line argument. d112 13 a124 3 # Normally, clients that succeed SMTP AUTH are not # greylisted. Uncomment this if you want to # greylist them regardeless of SMTP AUTH d130 1 a130 1 # this to greylist them regardless of SPF compliance d134 2 a135 2 # Uncomment if you want milter-greylist to remain # in the foreground (no daemon) a138 5 # Uncomment if you want auto-whitelist to work for # the IP rather than for the (IP, sender, reciever) # tuple. #lazyaw d140 1 a140 1 # to tell its client how long they are greylisted. d145 2 a146 2 # store its PID # May be overridden by the "-P" command line argument. d149 3 a151 3 # The socket used to communicate with Sendmail can # be specified in this file: # May be overridden by the "-p" command line argument. d154 2 a155 2 # The dumpfile location # May be overridden by the "-d" command line argument. d158 2 a159 8 # How often should we dump to the dumpfile (0: on each change, -1: never) #dumpfreq 10m # How long will the greylist database retain tuples #timeout 5d # The user the milter should run as # May be overridden by the "-u" command line argument. d162 2 a163 2 # This is a list of broken MTA that break with greylisting. Copied from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.11 d166 2 d192 1 a192 1 acl whitelist addr 194.245.101.88/32 # Joker.com d200 2 a201 4 acl whitelist addr 195.238.2.105/32 # skynet.be (wierd retry pattern) acl whitelist addr 195.238.2.124/32 # skynet.be acl whitelist addr 195.238.3.12/32 # skynet.be acl whitelist addr 195.238.3.13/32 # skynet.be @ 1.27 log @Mistake. @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.26 2005/02/13 23:42:01 manu Exp $ d197 12 @ 1.26 log @Pull up 2.0b2 fixes Check if -D_REENTRANT is needed for localtime_r and friends Typo in delayedreject Check for initgroups existence Add more E-bay addresses in greylist.conf Drop \ for multi-line ACL as it break builds with some version of yacc @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.24 2005/01/29 18:42:53 manu Exp $ d162 1 a162 2 acl whitelist addr 66.135.209.0/24 # Ebay (for time critical alerts) acl whitelist addr 66.135.197.0/24 # Ebay @ 1.25 log @Add more E-bay addresses in greylist.conf @ text @d162 2 a163 1 acl whitelist addr 66.135.192.0/19 # Ebay @ 1.24 log @Delayed reject for <> sender to cope better with sender callback (Moritz Both) @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.23 2005/01/29 18:22:28 manu Exp $ d162 1 a162 2 acl whitelist addr 66.135.209.0/24 # Ebay (for time critical alerts) acl whitelist addr 66.135.197.0/24 # Ebay @ 1.23 log @Commented line for whitelisting ::1/128 @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.22 2004/12/30 10:00:56 manu Exp $ d70 9 @ 1.22 log @Narrower the newer yahoo blocks @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.21 2004/12/29 21:28:04 manu Exp $ d34 3 @ 1.21 log @New broken site in the default whitelist @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.20 2004/12/28 21:46:05 manu Exp $ d146 3 a148 1 acl whitelist addr 66.94.237.0/23 # Yahoo Groups servers (common pool) @ 1.20 log @More dc fixes from Gary Aitken @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.19 2004/12/09 00:04:01 manu Exp $ d146 1 @ 1.19 log @Documentation cleanup @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.18 2004/11/09 06:57:07 manu Exp $ d7 6 d55 1 a55 1 # It is possible to use regular expression in from d63 1 a63 1 # cause a header to always be added. Other possible d68 2 a69 2 # All the following options have command-line equivalents # see greylist.conf(5) for the exact equivalences. d72 1 a72 1 # How long does a client has to wait before we accept d74 1 d79 1 d85 1 d91 1 a93 3 # Uncomment this to enable verbose output #verbose d96 1 d106 1 d111 1 d116 1 d120 1 d130 1 @ 1.18 log @More broken servers in the default config file @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.17 2004/08/10 10:15:06 manu Exp $ d26 1 a26 1 addr 127.0.0.0/8 d31 1 a31 1 #addr 192.0.2.0/16 d35 1 a35 1 #domain example.net d40 1 a40 1 #from friendly@@example.com d47 1 a47 4 # NB: when using -T, the meaning of thoses lines is # reversed: they select the recipient for which # grey listing is enabled. #rcpt John.Doe@@example.net d53 1 a53 1 #rcpt /.*@@example\.net/ d120 51 a170 34 # This is a list of broken MTA that break with greylisting # Copied from http://greylisting.org/whitelisting.html addr 12.5.136.141/32 # Southwest Airlines (unique sender, no retry) addr 12.5.136.142/32 # Southwest Airlines addr 64.12.136.0/24 # AOL (common pool) addr 64.12.137.0/24 # AOL addr 64.12.138.0/24 # AOL addr 64.125.132.254/32 # collab.net (unique sender per attempt) addr 66.135.209.0/24 # Ebay (for time critical alerts) addr 66.135.197.0/24 # Ebay addr 216.33.244.0/24 # Ebay addr 66.218.66.0/23 # Yahoo Groups servers (common pool, no retry) addr 152.163.225.0/24 # AOL addr 195.46.220.208/32 # mgn.net addr 195.46.220.209/32 # mgn.net addr 195.46.220.210/32 # mgn.net addr 195.46.220.211/32 # mgn.net addr 195.46.220.221/32 # mgn.net addr 195.46.220.222/32 # mgn.net addr 195.238.2.105/32 # skynet.be (wierd retry pattern) addr 195.238.2.124/32 # skynet.be addr 195.238.3.12/32 # skynet.be addr 195.238.3.13/32 # skynet.be addr 204.107.120.10/32 # Ameritrade (no retry) addr 205.188.156.0/24 # AOL addr 205.206.231.0/24 # SecurityFocus.com (unique sender per attempt) addr 207.115.63.0/24 # Prodigy - retries continually (no delay) addr 207.171.168.0/24 # Amazon.com addr 207.171.180.0/24 # Amazon.com addr 207.171.187.0/24 # Amazon.com addr 207.171.188.0/24 # Amazon.com addr 207.171.190.0/24 # Amazon.com addr 213.136.52.31/32 # Mysql.com (unique sender) addr 217.158.50.178/32 # AXKit mailing list (unique sender per attempt) @ 1.18.2.1 log @Updated default whitelist @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.18 2004/11/09 06:57:07 manu Exp $ d124 2 a125 2 # Copied from http://greylisting.org/whitelisting.shtml addr 12.5.136.141/32 # Southwest Airlines (unique sender) a126 4 addr 12.107.209.244/32 # kernel.org (unique sender) addr 12.107.209.250/32 # sourceware.org (unique sender) addr 63.82.37.110/32 # SLmail addr 64.7.153.18/32 # sentex.ca (common pool) d130 1 a130 3 addr 64.124.204.39 # moveon.org (unique sender) addr 64.125.132.254/32 # collab.net (unique sender) addr 66.100.210.82/32 # Groupwise? d133 2 a134 9 addr 66.162.216.166/32 # Groupwise? addr 66.206.22.82/32 # Plexor addr 66.206.22.83/32 # Plexor addr 66.206.22.84/32 # Plexor addr 66.206.22.85/32 # Plexor addr 66.218.66.0/23 # Yahoo Groups servers (common pool) addr 66.218.67.0/23 # Yahoo Groups servers (common pool) addr 66.218.68.0/23 # Yahoo Groups servers (common pool) addr 66.27.51.218/32 # ljbtc.com (Groupwise) a135 2 addr 194.245.101.88/32 # Joker.com addr 195.235.39.19/32 # Tid InfoMail Exchanger v2.20 d147 1 a147 1 addr 205.188.0.0/16 # AOL a154 1 addr 211.29.132.0/24 # optusnet.com.au (wierd retry pattern) a155 1 addr 216.33.244.0/24 # Ebay @ 1.18.2.2 log @broken MTA source @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.18.2.1 2004/12/08 23:24:56 manu Exp $ d123 2 a124 2 # This is a list of broken MTA that break with greylisting. Copied from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.11 @ 1.17 log @documentation typos @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.16 2004/08/08 21:24:20 manu Exp $ d133 1 @ 1.16 log @Configurable MX sync bind port and address (Cyril Guibourg) Bump to 1.5.6 @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.15 2004/05/27 13:09:36 manu Exp $ d19 1 a20 1 #syncaddr @ 1.15 log @Yahoo group block @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.14 2004/05/26 21:50:13 manu Exp $ d11 12 @ 1.14 log @DNS support in greylist.conf through the domain keyword @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.13 2004/05/26 09:14:29 manu Exp $ d121 1 a121 1 addr 66.218.66.0/24 # Yahoo Groups servers (common pool, no retry) @ 1.13 log @timeout option @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.12 2004/05/24 21:57:36 manu Exp $ d20 4 @ 1.12 log @dumpfreq option @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.11 2004/05/24 21:22:02 manu Exp $ d100 3 @ 1.11 log @Back out Berkeley DB stuff, it will now live on the BDB branch. @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.9 2004/05/03 13:52:30 manu Exp $ d97 3 @ 1.10 log @First attempt with Berkeley DB. Some remaining bugs on dynamic modification of options. @ text @a47 14 # This controls where is the greylist Berkeley DB database #greylistdb "/var/milter-greylist/greylist2.db" # This controls where is the autowhite Berkeley DB database #autowhitedb "/var/milter-greylist/autowhite2.db" # This controls where is the lockfile #autowhitedb "/var/milter-greylist/milter-greylist.lock" # This options tells how often the databases must be dumped # to the text backup file. 0 means as soon as the databases # are modified (This kills performances) #dumpfreq 10m d61 3 a63 3 # Normally, clients that succeed SMTP AUTH or STARTTLS # are not greylisted. Uncomment this if you want to # greylist them regardeless of SMTP AUTH and STARTTLS d95 2 a96 4 # The text dumpfile location. This file is now # a backup dump in case the Berkeley DB databases # get corrupted. #dumpfile "/var/milter-greylist/dump2.txt" @ 1.9 log @mgn.net has broken MTAs @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.8 2004/04/30 19:08:24 manu Exp $ d48 14 d75 3 a77 3 # Normally, clients that succeed SMTP AUTH are not # greylisted. Uncomment this if you want to # greylist them regardeless of SMTP AUTH d109 4 a112 2 # The dumpfile location #dumpfile "/var/milter-greylist/greylist.db" @ 1.8 log @Add a list of broken MTA in the default whitelist @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.7 2004/04/22 23:27:57 manu Exp $ d113 6 @ 1.7 log @lazyaw option to get a lazy match in autowhitelist: only on the IP address. @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.6 2004/04/02 15:06:53 manu Exp $ d100 28 @ 1.6 log @Add a config option to suprress X-Greylist header Bump to 1.10 @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.5 2004/04/01 21:23:08 manu Exp $ d77 5 @ 1.5 log @Update the documentation for regular expressions @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.4 2004/03/31 12:10:16 manu Exp $ d41 6 @ 1.4 log @More documentation, nodetach option in config @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.3 2004/03/31 11:39:26 manu Exp $ d35 6 @ 1.3 log @socket can now be given in the config file. Documentation on the config file options @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.2 2004/03/10 21:37:54 manu Exp $ d62 3 a64 2 # Uncomment this to enable testmode #testmode d81 2 a82 1 @ 1.2 log @update examples @ text @d4 1 a4 1 # $Id: greylist.conf,v 1.1 2004/03/10 21:11:45 manu Exp $ d35 46 @ 1.1 log @Renamed except.greylist as except.conf, split the cde between exception list management and config management @ text @d4 1 a4 1 # $Id: greylist.except,v 1.3 2004/02/29 22:35:09 manu Exp $ d6 5 @