Michael Mansour wrote:
> Hi,
>
> I've whitelisted the following domain:
>
> au.pwc.com
>
> with the following in the greylist.conf file:
>
> acl whitelist domain au.pwc.com
>
> as they're valid senders to one of my clients.
>
> However greylisting still delays emails coming from them and doesn't whitelist
> them. So I'm wondering, does the milter-greylist whitelist use the "from"
> domain or the domain of the smtp server?
That depends.. if you specify:
acl whitelist rcpt
You use the "from" domain, as seen by the message envelope (ie: MAIL FROM:
command, which may not match the From: header in the message text, particularly
for things like mailing lists.).
If you specify:
acl whitelist domain
Then you use the domain of the SMTP server.
This is all documented in man greylist.conf:
-------------
domain This clause selects source machines based on their DNS name,
performing a suffix search. For instance, this will whitelist
any machine in the example.net domain:
-------------
and:
-------------
from This is used to select sender e-mail addresses. You should not
use that feature, because sender e-mail addresses can be triv-
ially forged. Example:
--------------
Although I would argue it is perfectly reasonable to use from for some things,
but you can't trust it so only use it for whitelists as a last resort. (ie:
forcing a blacklist or a longer-duration greylist based on from is perfectly
reasonable.)Message
Re: [milter-greylist] When whitelisting, do I whitelist the domain or the smtp server?
2007-10-08 by Matt Kettler