Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: {Disarmed} Re: [milter-greylist] When whitelisting, do I whitelist the domain or the smtp server?

2007-10-09 by Michael Mansour

Hi Matt,

> Michael Mansour wrote:
> > Hi,
> > 
> > I've whitelisted the following domain:
> > 
> > au.pwc.com
> > 
> > with the following in the greylist.conf file:
> > 
> > acl whitelist domain au.pwc.com
> > 
> > as they're valid senders to one of my clients.
> > 
> > However greylisting still delays emails coming from them and doesn't whitelist
> > them. So I'm wondering, does the milter-greylist whitelist use the "from"
> > domain or the domain of the smtp server?
> 
> That depends.. if you specify:
> 
> acl whitelist rcpt
> 
> You use the "from" domain, as seen by the message envelope (ie: MAIL 
> FROM: command, which may not match the From: header in the message 
> text, particularly for things like mailing lists.).
> 
> If you specify:
> 
> acl whitelist domain
> 
> Then you use the domain of the SMTP server.

Thanks for the confirmation here, this makes things a little clearer for me.

> This is all documented in man greylist.conf:
> 
> -------------
>         domain This clause selects source machines based  on  their  
> DNS  name,               performing  a  suffix search.  For instance,
>  this will whitelist               any machine in the example.net domain:
> -------------
> 
> and:
> -------------
>         from   This  is  used to select sender e-mail addresses. You 
> should not               use that feature, because sender e-mail 
> addresses can  be  triv-               ially forged.  Example:
> --------------

I've reveiwed the man page over and over now to make sure I understand it
correctly.

> Although I would argue it is perfectly reasonable to use from for 
> some things, but you can't trust it so only use it for whitelists as 
> a last resort. (ie: forcing a blacklist or a longer-duration 
> greylist based on from is perfectly reasonable.)
------- End of Original Message -------

As an example, please recommend what you would do in this case.

Email coming from "facebook.com" is:

Received: from fallbackmx-out.facebook.com (out016.sctm.tfbnw.net [204.15.20.143])

with the "from" address being:

eventmaster+ohphpgp1@...

This was delayed for 4 hours my end. I want to whitelist it to that recipient,
how would you recommend I do it?

Simply:

acl whitelist from eventmaster+ohphpgp1@... rcpt <toemailaddress>

or:

acl whitelist domain out016.sctm.tfbnw.net

or:

acl whitelist addr 204.15.20.143

?

Thanks.

Michael.

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.