Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-13 23:57 UTC

Message

Re: [milter-greylist] Whitelist with Sendmail access db

2017-06-29 by Johann Klasek

On Thu, Jun 29, 2017 at 09:29:58PM +0200, Markus Edemalm markus@... [milter-greylist] wrote:
> > Because the rules above are using client_addr, it uses the IP address for
> > a match in access-db!
> > 
> > You have to state the ip address in access-db ...
> > 
> > Connect:1.2.3.4 OK
> > 
> > (OK, RELAY, WHITE tells milter-greylist to whitelist the IP) - use WHITE
> > to prevent side-effects (not allowing any relaying to foreign hosts).
> > 
> > For a simple fix, change client_addr to client_name
> > which contains the hostname or in case this isn't resolveable [a.b.c.d]
> > for IPv4 or something like this [IPv6:2a02:c207:2011:3138::1] for IPv6
> > addresses.
[..]

> > SLocal_check_rcpt
> > R$+ $: $(storage {greylist} $) $&{client_addr}
> > R$+ $: $>A <$1> <?> <+Connect> <$1>
> > R<?> <$+> $: <?> $&{client_name}
> > R<?> $+ $: $>A <$1> <?> <+Connect> <$1>
> > R<$+> <$*> $: $(storage {greylist} $@ $1 $) $1
[..]
> I tried your config code above and made some progress.

Fine!

> Connect:example.com WHITE
> 
> With the WHITE keyword, my server responded with "reject=553 5.3.0 WHITE???, so I changed to OK.

Yes, a side-effect of the other kind ...

> 
> Connect:example.com OK

Indeed, the better one.


> That didn???t yield an error, but it wasn???t picked up by milter-greylist, so instead I tried:
> 
> Connect:complete.hostname.example.com OK
> 
> THAT did work, finally ML reported "X-Greylist: Message whitelisted by Sendmail access database, not delayed???. Great!
> Too bad I didn???t work with domain name only, that makes this feature pretty useless.
> 
> I think I???ll return to whitelisting within greylist.conf
> 
> ???unless someone with mad m4 skills has another suggestion to try! :)

Easy, just use Ruleset "D" (domain match) instead of "A" (address match).
I was wrong in my previous attempt to fix this.
See 5th line ...

SLocal_check_rcpt
R$+ $: $(storage {greylist} $) $&{client_addr}
R$+ $: $>A <$1> <?> <+Connect> <$1>
R<?> <$+> $: <?> $&{client_name}
R<?> $+ $: $>D <$1> <?> <+Connect> <$1>
R<$+> <$*> $: $(storage {greylist} $@ $1 $) $1


Have fun,
Johann K.

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.