Milter-greylist

Hi There,

I've just taken over a Sendmail with Greylisting service and although I know about some of it I'm having a few difficulties, hence here I am, and hopefully someone can help.

1) Authowhitelisting - I have the Authowhitelist timeout set to 35 days. In this way most of our genuine business partners will not have to have a delay in sending email. 
What I have been seeing though is that some domains are not being autowhitelisted, even though we are continually seeing emails from them. I can't understand for the life of me why. 

Does anyone have any ideas or know any troubleshooting steps for this?


2) The Order of the Greylist.conf is very important as I have been reading. 

Now near the top of the conf file we have our statements to greylist all incoming email:

acl greylist rcpt /.*@.../
acl greylist rcpt /.*@.../
acl greylist rcpt /.*@.../

At the bottom of the conf file we have a list of whitelisted domains which is as such:

acl whitelist domain External_domain.com
acl whitelist domain External_domain.co.uk
acl whitelist domain External_domain2.com

Now, according to other posts, the above means that everything incoming is going to be greylisted (unless autowhitelisted) as:

From: You@External_domain.com
To: Me@MyDomain1.com

The greylist.conf will be read top to bottom and will never hit the acl whitelist at the bottom of the conf file, as it will read the first entry, 

acl greylist rcpt /.*@.../

Is this correct or am I missing something?


3) I remember ages ago being told that the ACL's needed to be in alphabetical order? I'm not sure if this is correct or not? Any idea?


Thanks

Phil

On Tue, Oct 19, 2010 at 12:24 PM, phil844046 <philgates@...> wrote:
> 1) Authowhitelisting - I have the Authowhitelist timeout set to 35 days. In this way most of our genuine business partners will not have to have a delay in sending email.
> What I have been seeing though is that some domains are not being autowhitelisted, even though we are continually seeing emails from them. I can't understand for the life of me why.
>
> Does anyone have any ideas or know any troubleshooting steps for this?

It records tuples of sender, recipient and sending server. So if
others from the same domain send you e-mail doesn't matter.

Take a look at the "lazyaw" option, it only records the server ip. I
don't see any downside to using that.

/peter

Hi Peter,

Thanks for the response.

Looks like we already using the lazyaw option so that's all good.

Also in terms of my Question 2.. I've answered that myself with a bit of testing.

Lastly.. does anyone know about the ACL list needing to be in alphabetical order or does it not matter?

Thanks

Phil

--- In milter-greylist@yahoogroups.com, Peter Bonivart <shuttlebox@...> wrote:

>
> On Tue, Oct 19, 2010 at 12:24 PM, phil844046 <philgates@...> wrote:
> > 1) Authowhitelisting - I have the Authowhitelist timeout set to 35 days. In this way most of our genuine business partners will not have to have a delay in sending email.
> > What I have been seeing though is that some domains are not being autowhitelisted, even though we are continually seeing emails from them. I can't understand for the life of me why.
> >
> > Does anyone have any ideas or know any troubleshooting steps for this?
> 
> It records tuples of sender, recipient and sending server. So if
> others from the same domain send you e-mail doesn't matter.
> 
> Take a look at the "lazyaw" option, it only records the server ip. I
> don't see any downside to using that.
> 
> /peter
>

phil844046 <philgates@...> wrote:

> Lastly.. does anyone know about the ACL list needing to be in alphabetical
> order or does it not matter?

It does not matter.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

The order is important.

When a match is made, then the search ends.

So if you have:

list "domainlist" domain { \
	mydomain.com \
	myotherdomain.com \
}

acl blacklist domainlist delay 1d
acl whitelist domainlist autowhite 3d

then anything in domainlist will never be whitelisted.

As for the entries in the domainlist, I do not believe the order  
matters.

Bill

Bill Levering
idbill@...
KFP: 0C38 4D7E 5B50 94FE 992D  406D 6C81 DE33 5459 A1AC

On Oct 19, 2010, at 7:05 AM, phil844046 wrote:

> Hi Peter,
>
> Thanks for the response.
>
> Looks like we already using the lazyaw option so that's all good.
>
> Also in terms of my Question 2.. I've answered that myself with a  
> bit of testing.
>
> Lastly.. does anyone know about the ACL list needing to be in  
> alphabetical order or does it not matter?
>
> Thanks
>
> Phil
>
> --- In milter-greylist@yahoogroups.com, Peter Bonivart  
> <shuttlebox@...> wrote:
>>
>> On Tue, Oct 19, 2010 at 12:24 PM, phil844046 <philgates@...> wrote:
>>> 1) Authowhitelisting - I have the Authowhitelist timeout set to 35  
>>> days. In this way most of our genuine business partners will not  
>>> have to have a delay in sending email.
>>> What I have been seeing though is that some domains are not being  
>>> autowhitelisted, even though we are continually seeing emails from  
>>> them. I can't understand for the life of me why.
>>>
>>> Does anyone have any ideas or know any troubleshooting steps for  
>>> this?
>>
>> It records tuples of sender, recipient and sending server. So if
>> others from the same domain send you e-mail doesn't matter.
>>
>> Take a look at the "lazyaw" option, it only records the server ip. I
>> don't see any downside to using that.
>>
>> /peter
>>
>
>
>
>
> ------------------------------------
>
> Yahoo! Groups Links
>
>
>