Milter-greylist

according to the docs:
" Clauses can be negated, by prefixing them by the not keyword."

So, for example, if I wanted to penalize helo's that don't contain a . , thus 
cannot be proper domain format or address literal as required in RFC 1123, would 
I use:


acl greylist not helo /\./ delay 4h

or

acl greylist helo not /\./ delay 4h

I couldn't find any specific examples in the docs or sample conf files, so it's 
ambiguous to me where exactly the not belongs..


note: I know the RFCs prohibit using lookup or validation of HELO strings to 
refuse mail. However they do permit refusal when the format of the HELO is 
invalid, as this would force your Received: headers quoting them to violate 
standards.

I know some legitimate mail still violates this, but here I'm just wanting to 
try using it as a greylist criteria with heavier delays, rather than an outright 
blacklist.

Matt Kettler <mkettler@...> wrote:

> according to the docs:
> " Clauses can be negated, by prefixing them by the not keyword."
[where is the not]
> acl greylist not helo /\./ delay 4h

That's the correct syntax.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

manu@... wrote:
> Matt Kettler <mkettler@...> wrote:
> 
>> according to the docs:
>> " Clauses can be negated, by prefixing them by the not keyword."
> [where is the not]
>> acl greylist not helo /\./ delay 4h
> 
> That's the correct syntax.
> 

By the way, the rule above works really well. This acl, and my no-RDNS acl 
handle picking out a lot of junk and hitting it with a longer greylist period, 
with very few false positives in my environment..

for reference, the no RDNS one is:

#greylist unresolvable hosts, note - requires extendedregex option
acl greylist domain /\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]/ delay 4h

Matt Kettler <mkettler@...> wrote:

> By the way, the rule above works really well. This acl, and my no-RDNS acl
> handle picking out a lot of junk and hitting it with a longer greylist period,
> with very few false positives in my environment..
> 
> for reference, the no RDNS one is:

You can also use macros set by sendmail for that kind of use.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...