i was facing the same situation last year and i did a pacht to version 2 of milter-greylist any way i will paste my code change here and also a discussion i had about this topic...
i hope this helps -just llook at the 3 Mail...
---- Email 1 i had sent----
To: manu@... (Emmanuel Dreyfus)
Subject: OK know what happend with access.db and the trouble all others have
Hello Emmanuel,
i just figured out what the problem is that all others are facing.,
i will try to outline the problem with {greylist} WHITE
Please read carefuly because it contain valuable information for other users. I thing you need to update the documentation and outline a bit of sendmails behavior.
1) sm_macro "my macro" "themacro" VALUE -> is ok if
a) it is defined with "D{themacro}VALUE
b) and it is passed foe example with one of the milter macros to milter-greylist like
O Milter.macros.envrcpt={themacro}
; c) if a user wants to change the value in a rule set he can do it on the RHS side of a rule set by doing a global define of
Kstorage macro
and in the rule set
R$* ; $: $(storage {themarco} $@ $1 $) $1
example:
in check_relay you will find
R<$={Accept}> < $* > $@ $1
if you change that to
R<$={Accept}> < $* > $@ $(storage {themacro} $@ STRING $) $1
{themacro} will contain "STRING" everytime the LHS side matches
2) When it comes to access.db for example sendmail is ckecking check_rcpt before the milter "envrcpt" is called. if a user defines
O Milter.macros.envrcpt={greylist}
and futher follows the readme by define the macro and its value static with
D{greylist}WHITE
he completely disables the milter-greylist somehow because the turn the SPAM control to access.db and depending on the features for RELAY checks is automaticly whitelists all traifc that is not rejected explict in theaccess.db
To make it work correctly for example POP before SMTP (SMTP after POP= environments the need to define the global macro
D{greylist}GREY
and then ajusting the rule sets to use the access.db in the right way like i explained in 1) for check_relay but this time in the rule set check_rcpt.
Doing this i assume is for most of the users a hard task because i see a lack of knowlegde by writing the correct LHS and RHS rules as i could see from your mailing list.
CONCLUSION:
most POP before SMTP enviroment only writing to the access.db some thing like
x.x.x.x RELAY
y.y.y.y RELAY
and so on.
Maybe you can introduce my code that i have send earler to you and enable it with a access.db pop befor smtp feature maybe with a new
config command.
Let me know what you thing
best regards
Oliver
-- email 2 i had send (the code change or patch)
To: Emmanuel Dreyfus
Subject: Re: ACCESS.DB (new version of my code)
Hello Emmanuel,
i changed the code again to honor "RELAY" and "OK" in the /etc/mail/access file and i used the rc7 code this time - the code is allready kinda sanity checked and tested - it works with my sendmail and aprox 1000 mail per hour
and i added in milter-greylist.c in the declaration of the the function after row 291 four (4) variables.
sfsistat
mlfi_envrcpt(ctx, envrcpt)
SMFICTX *ctx;
char **envrcpt;
{
struct mlfi_priv *priv;
time_t remaining;
char *greylist;
char addrstr[IPADDRSTRLEN];
char rcpt[ADDRLEN + 1];
FILE *fda;
char accbuff[100];
char acc_ipaddr[50];
char acc_code[50];
than i added after your code for access.db in milter-greylist.c after line 367 my code:
if((fda = fopen("/etc/mail/access","r")) != NULL)
; {
while(fgets(accbuff,100,fda) != 0)
{
sscanf(accbuff,"%s %s\n",acc_ipaddr,acc_code);
if(strncmp(acc_ipaddr,addrstr, strlen(addrstr))==0)
{
; if(strcmp(acc_code,"RELAY") == 0 || strcmp(acc_code,"relay") == 0
; || strcmp(acc_code,"OK") == 0 || strcmp(acc_code,"ok") == 0)
{
mg_log(LOG_DEBUG, "whitelisted by {/etc/mail/access}");
priv->priv_elapsed = 0;
priv->priv_whitelist = EXF_ACCESSDB;
fclose(fda);
return SMFIS_CONTINUE;
}
; }
}
fclose(fda);
}
mfg
Oliver
-- email 3 ---
To: Emmanuel Dreyfus
Subject: Re: ACCESS.DB (new version of my code)
Hell Emmanuel,
that is easy to answer.. I spent a couple of hours yesterday to find out that is was not working with rc6 so i did the quick hack i have sent you first - in the meantime i have adaped that to rc7 and made some it a bit better. if the sm_marco is now working i can not tell and due to lack of time i can not write some sendmail rules that do the job correctly on the production system.
But by the way - the
O Milter.macros.envrcpt={greylist}
is still in my sendmail.cf but it does still not work even i have no rc7 running - if it would work than your code would be executed because i code comes after. but the log shows that my code gets executed
Nov 7 16:22:48 pollux milter-greylist: whitelisted by {/etc/mail/access}
Nov 7 16:22:48 pollux sendmail-in[22310]: kA7FMmJj022310: from=<oliver.haufe@...>, size=362, class=0, nrcpts=1, msgid=<6.1.2.0.2.20061107162417.029be770@...-edv.com>, proto=ESMTP, daemon=MTA, relay=[193.158.57.26]
Nov 7 16:22:48 pollux sendmail-in[22310]: kA7FMmJj022310: Milter add: header: X-Greylist: Message whitelisted by Sendmail access database, not delayed by milter-greylist-3.0rc7 (pollux.inet-de.de [194.187.186.62]); Tue, 07 Nov 2006 16:22:48 +0100 (CET)
Nov 7 16:22:48 pollux sendmail-in[22310]: kA7FMmJj022310: to=, delay=00:00:00, mailer=esmtp, pri=30356, stat=queued
best regards
Oliver
At 19:11 20.02.2007, Georg Horn wrote:
Hello,
I'm using milter-greylist for a while, and it works quite nice,
but i can't get the whitelisting with sendmails access.db to work.
I have the following line in my sendmail.cf:
O Milter.macros.envrcpt={rcpt_mailer}, {rcpt_host}, {rcpt_addr},
{greylist}
acording to the readme that says:
If you want to use Sendmail access DB as a whitelisting source,
you will need {greylist} too. milter-greylist will whitelist a
message when the {greylist} macro is defined and set as WHITE.
O Milter.macros.envrcpt={greylist}
but i don't understand how the macro is set to WHITE! What do i have
to put in my access.db?
Background: I have an smtp-after-pop setup, that already puts the
IP-Adresses of users that fetch mail via pop3 into the access.db, with
"RELAY" as the value. It would be nice if milter-greylist would also
whitelist these addresses, otherwise roaming users with dynamic
IPs will never get their mail through.
Thanks in advance,
Georg