Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

IP or domain name

2005-02-18 by Christian Pelissier

Milter greylist uses IP address as the first value of tuples.  With some big
domains and some ISP this is a problem because we could have a farm of SMTP
servers with many IP address.  This could cause long delay in mail delivery
process.

We avoid that by using  subnetmatch /24 in greylist.conf or -L 24 on the
command line. Then milter-greylist use only the first 24 bits of the IP
address for greylist matching when a mail comme again. Another solution
is whitelisting.

Improvements could be :

- both domain name and IP recorded and accept mail if one of them match
(with matching of the other values of course).

- a netmask depending on the IP class (/24 for C,  /16 for B , ? for A)
by using subnetmatch /0 or -L 0

- using SPF differently (actually if IP match SPF address then milter-greylist
accept the mail whithout greylisting)

For exemple with SPF we have good values of netmask and a list of all
possible IP :

club-internet.fr        text = "v=spf1 ip4:194.158.104.0/24 
ip4:194.158.107.10/31 ip4:194.158.96.0/24 ip4:194.158.99.10/31 ip4:213.44.120.91 
?all"

aol.com text = "v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24 
ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 
ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"

aol.com text = "spf2.0/pra ip4:152.163.225.0/24 ip4:205.188.139.0/24 
ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 
ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"

pobox.com       text = "v=spf1 mx mx:fallback-relay.%{d} a:webmail.%{d} 
a:smtp.%{d} a:outgoing.smtp.%{d} a:discard-reports.%{d} a:discards.%{d} mx:stor" 
"e.discard.%{d} a:emerald.%{d} redirect=%{l1r+}._at_.%{o}._spf.%{d}"

w3.org  text = "v=spf1 a mx ptr mx:sophia.inria.fr mx:inrialpes.fr 
ip4:128.30.52.0/22 ip4:133.27.228.192/26 ip4:212.89.0.17/28 
a:xana.fundacionctic.org a:www.w3c.es a:pec.etri.re.kr a:mta.prod1.dngr.net 
~all"


--
Christian Pélissier
Office National d'Études et de Recherches Aérospatiales BP 72 92322 Chatillon
Tel: 33 1 46 73 44 19, Fax: 33 1 46 73 41 50

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.