Hi, an understanding question: I use RBL blacklisting. A messages is blacklisted if an IP is listed on two RBLs, eg. racl blacklist dnsrbl "ZEN" dnsrbl "IX" msg "Bad reputation - %i listed on too many DNS blacklists: %D" flushaddr That rule is followed by a rule where I want to greylist an IP for 1h if listed at just one RBL: line 247: racl greylist dnsrbl "ZEN" delay 1h msg "Bad reputation - delaying messages from %i - listed on blacklist: %D" see: http://milter-greylist.wikidot.com/white-black-grey Problem: if I check the logfiles I see hosts running several times into the greylisting rule (ACL 247 is above greylist ACL), but they never pass greylisting, what I don't understand: grep greylist.db -------- 69.50.198.162 <uswaterevolution@...> <test@...> 1473572358 # 2016-09-11 07:39:18 69.50.198.162 <uswaterevolution@...> <test@...> 1473575966 # 2016-09-11 08:39:26 69.50.198.162 <uswaterevolution@...> <test@...> 1473579571 # 2016-09-11 09:39:31 69.50.198.162 <uswaterevolution@...> <test@...> 1473583206 # 2016-09-11 10:40:06 69.50.198.162 <uswaterevolution@...> <test@...> 1473586876 # 2016-09-11 11:41:16 69.50.198.162 <uswaterevolution@...> <test@...> 1473590481 # 2016-09-11 12:41:21 69.50.198.162 <uswaterevolution@...> <test@...> 1473594102 # 2016-09-11 13:41:42 69.50.198.162 <uswaterevolution@...> <test@...> 1473597772 # 2016-09-11 14:42:52 69.50.198.162 <uswaterevolution@...> <test@...> 1473601407 # 2016-09-11 15:43:27 69.50.198.162 <uswaterevolution@...> <test@...> 1473605073 # 2016-09-11 16:44:33 -------- sendmail log: -------- Sep 11 06:39:18 mailhost milter-greylist: u8B4dEbL010724: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 07:39:26 mailhost milter-greylist: u8B5dMUg019374: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 08:39:31 mailhost milter-greylist: u8B6dRMp028410: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 09:40:06 mailhost milter-greylist: u8B7e23d004863: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 10:41:16 mailhost milter-greylist: u8B8fCLa013860: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 11:41:21 mailhost milter-greylist: u8B9fHNF022671: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 12:41:42 mailhost milter-greylist: u8BAfcTm031642: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 13:42:52 mailhost milter-greylist: u8BBgnhs008326: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 14:43:27 mailhost milter-greylist: u8BChOoo017193: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 15:44:33 mailhost milter-greylist: u8BDiUwK026040: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) Sep 11 16:45:04 mailhost milter-greylist: u8BEj0sP002580: addr smms22.uswaterevolution.com[69.50.198.162] from <uswaterevolution@...> to <test@...> delayed for 01:00:00 (ACL 247) -------- Why is above mail not passing? It's the same IP, from and rctp tripple, trying to pass over hours? Do I need to autowhite too? Ciao Marcus
Message
greylisting ACL without autowhite, messages newer pass greylisting
2016-09-11 by Marcus Schopen