http://tom.knaupp.com free software, security and a bunch of my strange thoughts Fri, 21 Jan 2011 00:13:42 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 http://tom.knaupp.com/2007/03/28/exim-implementing-greylisting-without-db/ http://tom.knaupp.com/2007/03/28/exim-implementing-greylisting-without-db/#comments Wed, 28 Mar 2007 16:03:36 +0000 tom http://tom.knaupp.com/?p=31 I had greylisting running for a while with a little perl script, that only worked with ip-addresses. As spam is growing an growing, I wanted to use the whole triplet (ip/sender/recipient) for the filter.

As I did not want to use a database backend, the decision led to greylistd – an easy configurable daemon. I needed the packages for (open)SuSE, that can be found in openSuSE’s software repository.

After installing it and checking the basics at /etc/greylistd/config, you have to add a little code to your acls in exim.conf, i.e.:

defer message = greylisted $sender_host_address. please try again later
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey $sender_host_address $sender_address $local_part@$domain} {5s}{}{false}}

That was all I had to do to get it working. It’s advisable to add some hosts, that are known for problems with greylisting, not to be checked. Therefor you have to extend your acl:

defer message = greylisted $sender_host_address. please try again later
!hosts = : ${if exists {/etc/greylistd/whitelist-hosts}\
{/etc/greylistd/whitelist-hosts}{}} : \
${if exists {/var/lib/greylistd/whitelist-hosts}\
{/var/lib/greylistd/whitelist-hosts}{}}
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey $sender_host_address $sender_address $local_part@$domain} {5s}{}{false}}

Many thanks for the documentations from Arne Schirmacher and Ben Charlton.

]]> http://tom.knaupp.com/2007/03/28/exim-implementing-greylisting-without-db/feed/ 1