Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

URL checks: interfacing milter-greylist with anything

2006-12-06 by Emmanuel Dreyfus

Hello

I've just checked the new cool feature into the CVS (reminder: get it by
cvs -danoncvs@...:/milter-greylist co milter-greylist )

Now, ACL can cause URL lookups. You use the like this:

urlcheck "mytest" "http://www.example.net/mgl.php?rcpt=%r+ip=%i"

acl greylist urlcheck "mytest"


For each ACL evaluation will spawn a request to 
http://www.example.net/mgl.php?rcpt=%r+ip=%i, with 
%r replaced by recipient e-mail
%i replaced by IP address
You also substitute domain, sender address and helo string. Check the man page.

The mgl.php script is to answer if you get a match by sending back this:
milterGreylistStatus: Ok

Even better, you can send settings in the reply:
milterGreylistStatus: Ok
milterGreylistDelay: 1h

autowhite, code, ecode, flushaddr and msg can be overloaded. You can even
overload the ACL action (ie: turning a greylist ACL into a blacklist action),
see the man page for details.

That's extremely powerful, and would even allow reimplementing the greylisting
database outside of the milter itself :-)

Something to note: the reply format is LDIF-like. It was chosen so that
the URL could be a ldap:// query, though I have not experimented that yet.
Feel free to give it a try and tell the list if you get some succes. Of course,
returning milterGreylist* attribute means adding a schema, and as I unserstood,
it probably means getting an OID from IANA. Help is welcome here, I'm not
very experienced.

If you have other good ideas for using URL checks, I'm interested. I'm 
heading the LDAP way to make milter-greylist settings user-switchable in
real time, but I'm not sure it's the easiest way to go.

If you are willing to help milter-greylist developement, here is my TODO 
list. Feel free to pick an item (especially the documentation stuff, it
does not require programming skills):
- Update (rewrite from scratch) the web page
- Document more URL checks in README
- the LDAP stuff
- time clause in ACL (eg: tempfail anything outside of office hours)
- RCPT-stage ACL vs DATA-stage ACL
- Custom reason strings from URL checks for X-Greylist 
- message body match clause in DATA-stage ACL

-- 
Emmanuel Dreyfus
manu@...

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.