Milter-greylist

Hi,

is it possible to blacklist a server only if it's blacklisted an all given
blacklists? Before running emails into spamassassin I like to blacklist a
server if its IP is found on at least two blacklists. I found this howto on
http://milter-greylist.wikidot.com/white-black-grey but it looks like that
an server is blacklisted as soon as its IP matches one of the given
blacklists?

Ciao
Marcus

lists-yahoogroups@... <lists-yahoogroups@...> wrote:

> is it possible to blacklist a server only if it's blacklisted an all given
> blacklists? 

If you use multiple dnsrbl clauses in a given ACL, the ACL matches if
all clauses match, that is, if the sender is fond in all DNSRBL.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

lists@... <lists@...> wrote:

> would cause to reject incoming messages if the sender's IP is listed in
> ZEN and IX list (two hits) and not just ZEN or IX (one hit), right?

Right.

> BTW: what's the correct querie for the zen.spamhouse.org list?

 I do not know for that one.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

lists-yahoogroups@... <lists-yahoogroups@...> wrote:

> If I have a list of eg. four DNSRBLs and want to reject a message hit on
> two of them there is nothing like a counter, eg.

Try this:

racl continue rset $score=0
racl continue dnsrbl "A" set $score+=1
racl continue dnsrbl "B" set $score+=1
racl continue dnsrbl "C" set $score+=1
racl continue dnsrbl "D" set $score+=1
racl blacklist $score >= 2 msg "you hit %P{score} DNSRBL"

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Hi Emmanuel,

On Thu, 20 Mar 2014 02:12:04 +0100, manu@... wrote:
> lists-yahoogroups@... <lists-yahoogroups@...> wrote:
> 
>> If I have a list of eg. four DNSRBLs and want to reject a message hit
on
>> two of them there is nothing like a counter, eg.
> 
> Try this:
> 
> racl continue rset $score=0
> racl continue dnsrbl "A" set $score+=1
> racl continue dnsrbl "B" set $score+=1
> racl continue dnsrbl "C" set $score+=1
> racl continue dnsrbl "D" set $score+=1
> racl blacklist $score >= 2 msg "you hit %P{score} DNSRBL"

Ah, that looks good, thanks. Is something like

  racl continue rset $score=0
  racl continue rset $listname=""
  racl continue dnsrbl "A" set $score+=1 $listname="$listname A"
  racl continue dnsrbl "B" set $score+=1 $listname="$listname B"
  ...
  racl blacklist $score >= 2 msg "you hit %P{score} on %P{listname}
DNSRBLs"

possible to get to know in which lists the IP was found?

Ciao
Marcus

On 2014-03-20 19:31, lists-yahoogroups@... wrote:
> Ah, that looks good, thanks. Is something like
>
> racl continue rset $score=0
> racl continue rset $listname=""
> racl continue dnsrbl "A" set $score+=1 $listname="$listname A"
> racl continue dnsrbl "B" set $score+=1 $listname="$listname B"
> ...
> racl blacklist $score >= 2 msg "you hit %P{score} on %P{listname}
> DNSRBLs"
>
> possible to get to know in which lists the IP was found?


IIRC it would be rather like
racl continue dnsrbl "B" set $score+=1 set $listname="%P{listname} B"

but yes, operations of this kind are possible.

Also note that is you later add "msg" or "log" into the mix (for the
same rule hit), there is a specific order in which these can be
specified, since some keywords are considered as clauses and others
are... different ;)

HTH,
//Jim

Jim Klimov <jimklimov@...> wrote:

> Also note that is you later add "msg" or "log" into the mix (for the
> same rule hit), there is a specific order in which these can be
> specified, since some keywords are considered as clauses and others
> are... different ;)

Feel free to submit a patch that fixes that :-)

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...