Greylisting named domains and netblocks only?
2016-06-20 by Oscar Hodgson
A fairly small mail server, tens of users (mostly). We ran milter-greylist years ago but gave it up due to complaints from some users about the delay time on legitimate mail (this was in the “acl” (pre-racl) days).
We have recently been getting storms of SPAM, mostly from a select group of top-level domains (e.g. *.download, *.top) and a few netblocks (e.g. an ISP in Bulgaria). Seeking an expedient solution I have resorted to sendmail’s accessdb feature (e.g. “top ERROR:5.7.1:550 Access denied from TLD top”). This is quite effective and (of course) actually a bad idea.
I am wondering if I could accomplish a similar effect with milter-greylist, using default whitelisting and greylisting only the problematic TLDs / netblocks / etc. I think the greylist.conf file looks like this:
domainexact
# if whitelist is the default, could this be like … 1m?
autowhite 1h
racl greylist domain download delay 30m
racl greylist <redacted>.0/24 delay 30m
racl whitelist default
racl whitelist auth /.*/
Comments? Suggestions? Observations?
Can racl entries be included in sendmail’s accessdb? (i.e. simple maintenance automation). The only reference I see to this function in the man pages is ‘noaccessdb’. I presume the {greylist} sendmail macro can be just (mostly) any string (e.g. “greylist”). Does anyone use this functionality (successfully)?
Thanks for your assistance.
Oscar
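
Added example (not part of the original post and not milter-greylist project code): a small generator that turns a maintained list of TLDs and netblocks into the selective-greylisting ACL described above. It assumes the `addr` and regex `domain` clauses and first-match rule ordering; check both against greylist.conf(5) for your version. The function name and the 192.0.2.0/24 netblock are constructed placeholders.

```python
import ipaddress
import re

# Constructed sample inputs: TLDs named in the post, documentation netblock.
SAMPLE_TLDS = ["*.download", "*.top"]
SAMPLE_NETBLOCKS = ["192.0.2.0/24"]

TLD_RE = re.compile(r"[a-z0-9-]{2,63}")
DELAY_RE = re.compile(r"\d+[smhd]?")


def build_racl(tlds, netblocks, delay="30m"):
    """Return greylist.conf ACL lines (hypothetical helper, not a project API).

    Listed TLDs and netblocks are greylisted; everything else is whitelisted.
    """
    if not DELAY_RE.fullmatch(delay):
        raise ValueError(f"bad delay value: {delay!r}")

    # Assumption: rules are evaluated in order, first match wins, so
    # authenticated senders are whitelisted before any greylist rule.
    lines = ["racl whitelist auth /.*/"]

    # Normalise "*.top", ".top" and "TOP" to "top"; reject anything that
    # could inject regex syntax or extra tokens into the config line.
    for tld in sorted({t.lower().lstrip("*.") for t in tlds}):
        if not TLD_RE.fullmatch(tld):
            raise ValueError(f"bad TLD: {tld!r}")
        # Anchored regex so only hostnames ending in ".<tld>" match.
        lines.append(f"racl greylist domain /\\.{tld}$/ delay {delay}")

    for raw in netblocks:
        # Strict parsing: raises ValueError on typos or set host bits
        # (e.g. 192.0.2.1/24), which would otherwise hide a mistake.
        net = ipaddress.IPv4Network(raw)
        lines.append(f"racl greylist addr {net} delay {delay}")

    # Default rule last: all other sources skip greylisting.
    lines.append("racl whitelist default")
    return lines


if __name__ == "__main__":
    print("\n".join(build_racl(SAMPLE_TLDS, SAMPLE_NETBLOCKS)))
```

The generated lines can be written to a separate file and reviewed before being merged into greylist.conf.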