Differences

This shows you the differences between two versions of the page.

--- greylisting [2006/12/08 12:42]
adam Added config placement decision
+++ greylisting [2016/11/25 22:38]
@@ Line 1: / Line 1: @@
-===== Greylisting with Exim =====
-For greylisting with [[http://www.exim.org|Exim]] or [[http://silverwraith.com/vexim/|Vexim]], try the following::
-Install greylistd via apt for Debian and derivatives or ATrpms for Fedora/Red Hat and add your exim user to the greylist group, make sure /var/lib/greylistd/whitelist-hosts is group readable, configure greylistd (set your delay time in the main greylistd config file and add your own hosts to /var/lib/greylistd/whitelist-hosts) and insert the following into vexim-acl-check-rcpt.conf on Vexim, or for plain Exim, in the master Exim configuration file. For Debian split config, you'll have to figure out which file to add it to yourself ;-)
-  defer
-     message        = $sender_host_address is greylisted. \
-                      Mail from $sender_host_address as <$sender_address> to \
-                      <$local_part@$domain> is delayed. \
-                      Please try again later.
-     log_message    = greylisted.
-     !senders       = :
-     !hosts         = : +relay_from_hosts : \
-     !hosts         = : ${if exists {/etc/greylistd/whitelist-hosts}\
-                     {/etc/greylistd/whitelist-hosts}{}} : \
-                     ${if exists {/var/lib/greylistd/whitelist-hosts}\
-                             {/var/lib/greylistd/whitelist-hosts}{}}
-     !authenticated = *
-  #    !acl           = acl_whitelist_local_deny
-     domains        = +local_domains : +relay_to_domains
-     verify         = recipient/callout=20s,use_sender,defer_ok
-     condition      = ${readsocket{/var/run/greylistd/socket}\
-                             {--grey \
-                             $sender_host_address \
-                             $sender_address \
-                             $local_part@$domain}\
-                             {5s}{}{false}}
-Placement of this snippet in the config is important. I place it in my ACL section, beneath the RDNSBL and ClamAV sample sections, so that bad senders detectable by other means still have to get through greylisting when they become delisted or send non-viral email. Other people put this config before other checks, the decision is yours.
-The commented line was used in the Debian greylistd docs (possibly standard with greylistd) in /usr/share.doc/greylistd/examples/exim4-acl-example.txt, but this ACL didn't apply to the Vexim configuration. There is additional config available elsewhere which shows how to catch mails without an envelope sender. References required.
-Note that greylisting also has some disadvantages: emails are always delayed and some mail servers do not properly retry after the first delivery attempt, so emails from these servers are never delivered. Blueyonder and some servers at yahoo.com and ebay.com are known for this. It is therefore important to have a good white list.
-Other greylisting implementations:
-This article has a large white list, a method to figure out mail servers from the domain SPF record and some other configuration tips:
-[[http://www.schirmacher.de/display/INFO/SPAM+filtern+mit+Greylisting]]
-[[http://www.slett.net/spam-filtering-for-mx/exim-greylisting.html#exim-greylist-mysql]]
-[[http://greylisting.org/]]
-[[http://theinternetco.net/projects/exim/greylist]]
-[[http://www.debian-administration.org/articles/167]]
-[[http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/exim-greylisting.html]]
-[[http://spod.cx/blog/greylisting_with_exim_spamassassin.shtml]]
-[[http://users.aber.ac.uk/auj/spam/]]

Adam Sweet's Wiki

User Tools

Site Tools

Differences

Page Tools