Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Thread

mg/SA seems to work (was: Recent domain name..)

mg/SA seems to work (was: Recent domain name..)

2008-09-27 by Petar Bogdanovic

On Sat, Sep 27, 2008 at 10:44:53AM -0400, Greg Troxel wrote:
>
> manu@... writes:
>
> > Yes, it would be nice to have a DATA-stage ACl clause that would lookup
> > URL found in the message against domain black lists. This is a bit
> > complicated to implement, though.
>
> There's a slippery slope here to reimplementing all of spamassassin.
> Instead, I think it makes sense to have milter-greylist include the
> functionality of spamass-milter (but not spamd or SA), and it seems with
> the dacl for SA we are well on the way.
>
> (One important thing is at least mild greylisting before running SA for
> connections somewhat likely to be spam, but the rbl racl rules do that
> very nicely.)
>
> The next thing I would like most is variable greylisting delay depending
> on spam score.  Has anyone tried to do this?  If so, could they share
> their config?

Since a few hours, some of our machines are running milter-greylist from cvs
(checked out around 15:00 CEST) with the following configuration:

        racl whitelist addr 127.0.0.0/8
        racl whitelist default
        dacl blacklist spamd > 15
        dacl greylist  spamd > 10 delay 12h
        dacl greylist  spamd >  5 delay  6h


This is how it looks, when a message has a score > 15:

        spamd: connection from localhost [127.0.0.1] at port 65491
        spamd: checking message <01c92096$ac9e2b80$aca054bd@ad_verma> for (unknown):1001
        spamd: identified spam (21.0/5.0) for (unknown):1001 in 2.4 seconds, 3219 bytes.
        spamd: result: Y 20 - FH_HELO_EQ_D_D_D_D, (...)
        milter-greylist: (unknown id): addr (...) blacklisted (ACL 33)
        postfix (...) milter-reject: (...) 5.7.1 Your message is considered spam. (...)


This is how it looks, when a message has a score > 10:

        spamd: connection from localhost [127.0.0.1] at port 65497
        spamd: checking message <01c920bf$de77b800$3f2be458@barthelmess> for (unknown):1001
        spamd: identified spam (9.9/5.0) for (unknown):1001 in 1.9 seconds, 3558 bytes.
        spamd: result: Y 9 - HTML_MESSAGE, (...)
        milter-greylist: (unknown id): addr (...) delayed for 06:00:00 (ACL 35)
        postfix (...) milter-reject: (...) 4.7.1 Greylisting in action, please come back later. (...)


Many thanks Emmanuel/Manuel! :)

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.