## ## greylist.conf -- milter-greylist(8) configuration ## # daemon parameters user "@l_rusr@:@l_mgrp@" pidfile "@l_prefix@/var/milter-greylist/milter-greylist.pid" socket "@l_prefix@/var/milter/socket/milter-greylist" # database storage dumpfile "@l_prefix@/var/milter-greylist/milter-greylist.dump" dumpfreq 10m # database synchronization #syncaddr 192.168.0.1 port 5252 #syncsrcaddr 192.168.0.1 #peer 192.168.0.2 # greylisting behaviour extendedregex report delays greylist 5m autowhite 3d timeout 5d # access control list definition: my own networks (by address) list "my networks by address" addr { \ 127.0.0.1/8 \ # RFC1700: local host 10.0.0.0/8 \ # RFC1918: private address space 172.16.0.0/12 \ # RFC1918: private address space 192.168.0.0/16 \ # RFC1918: private address space 169.254.0.0/16 \ # RFC3330: link local 192.0.2.0/24 \ # RFC3330: test network } # access control list definition: broken MTAs that break with Greylisting (by domain) list "broken peers by domain" domain { \ /^.*-out-.*\.google\.com$/ \ # postgrey: google.com (big pool, reported by Matthias Dyer) /^fe\d+\.cox-internet\.com$/ \ # postgrey: cox-internet.com (no retry, reported by Rod Roark) /^fmr\d+\.intel\.com$/ \ # postgrey: intel.com (pool on different subnets) /^gateway\d+\.np4\.de$/ \ # postgrey: lufthansa (no retry, reported by Peter Bieringer) /^lake.*mta.*\.cox\.net$/ \ # postgrey: cox.net (no retry, reported by Duncan Hill) /^mail-in-\d+\.arcor-online\.net$/ \ # postgrey: arcor-online.net (slow: 12 hours, reported by Bernd Zeimetz) /^mail\d+\.messagelabs\.com$/ \ # postgrey: messagelabs.com (big pool, reported by John Tobin) /^mail\d+\.telekom\.de$/ \ # postgrey: telekom.de (slow: 6 hours) /^mail\d+\.usafisnews\.org$/ \ # postgrey: mail*.usafisnews.org (no retry, reported by Vito Robar) /^mailgw.*\.iai\.co\.il$/ \ # postgrey: mailgw*.iai.co.il (pool of several servers, reported by Vito Robar) /^ms-smtp.*\.rr\.com$/ \ # postgrey: rr.com (no retry, reported by Duncan Hill) /^mta[12].siol.net$/ \ # postgrey: mta?.siol.net (sometimes no or slow retry; they use intermail, reported by Vito Robar) /^odk.fdv.uni-lj.si$/ \ # postgrey: odk.fdv.uni-lj.si (no retry, reported by Vito Robar) /^p?smtp.*\.wxs\.nl$/ \ # postgrey: wxs.nl (no retry, reported by Johannes Fehr) /^pim-\d+-\d+\.quickinspirationsmail\.com$/ \ # postgrey: pim-N-N.quickinspirationsmail.com (unique sender, reported by Vito Robar) /^sc\d+pub\.verizon\.net$/ \ # postgrey: verizon.net (address verification, reported by Bill Moran and Eric) /^smtp\d+\.tiscali\.dk$/ \ # postgrey: tiscali.dk (slow: 12 hours, reported by Klaus Alexander Seistrup) accor-hotels.com \ # postgrey: accor-hotels.com (slow: 6 hours) amazon.com \ # postgrey: greylisting.org: Amazon.com (unique sender with letters) ameritradeinfo.com \ # postgrey: greylisting.org: Ameritrade (no retry) berlin.ptb.de \ # postgrey: ptb.de (slow, reported by Joachim Schoenberg) brief.cw.reum.de \ # postgrey: brief.cw.reum.de (no retry, reported by Manuel Oetiker) cacert.org \ # postgrey: cacert.org (address verification, reported by Martin Lohmeier) cs.ciphire.net \ # postgrey: ciphirelabs.com (needs fast responses, reported by Sven Mueller) cs.columbia.edu \ # postgrey: cs.columbia.edu (no retry) domin.switch.ch \ # postgrey: switch.ch (works but personnel is confused by the error) flymonarch.com \ # postgrey: flymonarch (no retry, reported by Marko Djukic) freshmeat.net \ # postgrey: freshmeat.net (address verification) gnu.org \ # postgrey: gnu.org (address verification, reported by Martin Lohmeier) gw.bas.roche.com \ # postgrey: roche.com (no retry) gw.stud-serv-mb.si \ # postgrey: gw.stud-serv-mb.si (no retry, reported by Vito Robar) ibm.com \ # postgrey: ibm.com (big pool, reported by Casey Peel) isp.belgacom.be \ # postgrey: greylisting.org: isp.belgacom.be (wierd retry pattern) karger.ch \ # postgrey: karger.ch, no retry lockergnome.wc09.net \ # postgrey: lockergnome.wc09.net (unique sender with letters, reported by Bill Landry) logismata.ch \ # postgrey: logismata.ch (no retry) mail.hhlaw.com \ # postgrey: newsletter (no retry) mail.polymed.ch \ # postgrey: polymed.ch (no retry) mail1.thurweb.ch \ # postgrey: rein.ch (no retry) mail2.alliancefr.be \ # postgrey: mail2.alliancefr.be (ocasionally no retry, reported by Vito Robar) mot.com \ # postgrey: motorola.com (no retry) mx.dars.si \ # postgrey: dars.si (ocasionally no retry, reported by Vito Robar) netsolmail.com \ # postgrey: netsolmail.com (no retry, reported by Gareth Greenaway) nic.fr \ # postgrey: nic.fr (address verification, reported by Arnaud Launay) p01m168.mxlogic.net \ # postgrey: mxlogic.net (no retry, reported by Eric) p02m169.mxlogic.net \ # postgrey: mxlogic.net (no retry, reported by Eric) piggy.rz.tu-ilmenau.de \ # postgrey: tu-ilmenau.de (no retry) polytech.univ-mrs.fr \ # postgrey: polytech.univ-mrs.fr (no retry, reported by Giovanni Mandorino) prd051.appliedbiosystems.com \ # postgrey: no retry (reported by Ralph Hildebrandt) proxy.gmail.com \ # postgrey: gmail.com (big pool, reported by Beat Mueller) qmail.ingeno.ch \ # postgrey: ingeno.ch (no retry) rak-gentoo-1.nameserver.de \ # postgrey: rak-gentoo-1.nameserver.de (no retry, reported by Vito Robar) registrarmail.net \ # postgrey: registrarmail.net (unique sender names, reported by Simon Waters) returns.dowjones.com \ # postgrey: dowjones.com newsletter (unique sender with letters) rz.hu-berlin.de \ # postgrey: hu-berlin.de (slow: 6 hours, reported by Joachim Schoenberg) scd.yahoo.com \ # postgrey: greylisting.org: Yahoo Groups servers (no retry) server-x001.hostpoint.ch \ # postgrey: lilys.ch, (slow: 4 hours) southwest.com \ # postgrey: greylisting.org: Southwest Airlines (unique sender, no retry) swissre.com \ # postgrey: swissre.com (no retry) tesla.vtszg.hr \ # postgrey: tesla.vtszg.hr (no retry, reported by Vito Robar) vger.kernel.org \ # postgrey: Linux kernel mailing-list (unique sender with letters) webserver.turboinstitut.si \ # postgrey: webserver.turboinstitut.si (no retry, reported by Vito Robar) zd-swx.com \ # postgrey: zd-swx.com (unique sender with letters, reported by Bill Landry) } # access control list definition: broken MTAs that break with Greylisting (by address) list "broken peers by address" addr { \ 12.107.209.244/32 \ # greylisting.org: kernel.org (unique sender) 12.107.209.250/32 \ # greylisting.org: sourceware.org (unique sender) 12.5.136.141/32 \ # greylisting.org: Southwest Airlines (unique sender) 12.5.136.142/32 \ # greylisting.org: Southwest Airlines 12.5.136.143/32 \ # greylisting.org: Southwest Airlines 12.5.136.144/32 \ # greylisting.org: Southwest Airlines 63.169.44.143/32 \ # greylisting.org: Southwest Airlines 63.169.44.144/32 \ # greylisting.org: Southwest Airlines 63.82.37.110/32 \ # greylisting.org: SLmail 64.12.136.0/24 \ # greylisting.org: AOL (common pool) 64.12.137.0/24 \ # greylisting.org: AOL 64.12.138.0/24 \ # greylisting.org: AOL 64.124.204.39 \ # greylisting.org: moveon.org (unique sender) 64.125.132.254/32 \ # greylisting.org: collab.net (unique sender) 64.7.153.18/32 \ # greylisting.org: sentex.ca (common pool) 66.100.210.82/32 \ # greylisting.org: Groupwise? 66.135.192.0/19 \ # greylisting.org: Ebay 66.162.216.166/32 \ # greylisting.org: Groupwise? 66.206.22.82/32 \ # greylisting.org: Plexor 66.206.22.83/32 \ # greylisting.org: Plexor 66.206.22.84/32 \ # greylisting.org: Plexor 66.206.22.85/32 \ # greylisting.org: Plexor 66.216.126.174/32 \ # postgrey: papersinvited.com (no retry) 66.218.66.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) 66.218.67.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) 66.218.68.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) 66.218.69.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) 66.27.51.218/32 \ # greylisting.org: ljbtc.com (Groupwise) 66.94.237.16/28 \ # greylisting.org: Yahoo Groups servers (common pool) 66.94.237.32/28 \ # greylisting.org: Yahoo Groups servers (common pool) 66.94.237.48/30 \ # greylisting.org: Yahoo Groups servers (common pool) 80.200.249.216/32 \ # postgrey: mail.resotel.be (ocasionally no retry, reported by Vito Robar) 152.163.225.0/24 \ # greylisting.org: AOL 193.191.218.141/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) 193.191.218.142/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) 193.191.218.143/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) 193.77.126.208/32 \ # postgrey: mail.esimit-tech.si (no retry, reported by Vito Robar) 193.77.153.67/32 \ # postgrey: mail.likopris.si (no retry, reported by Vito Robar) 193.81.20.195/32 \ # postgrey: duropack.co.at (no retry, reported by Vito Robar) 194.245.101.88/32 \ # greylisting.org: Joker.com 194.7.234.141/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) 194.7.234.142/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) 194.7.234.143/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) 195.235.39.0/24 \ # postgrey: jcsw.nato.int (several servers, no retry, reported by Vito Robar) 195.235.39.19/32 \ # greylisting.org: Tid InfoMail Exchanger v2.20 195.238.2.0/24 \ # greylisting.org: skynet.be (wierd retry pattern) 195.238.2.0/24 \ # greylisting.org: skynet.be (wierd retry pattern, common pool) 195.238.3.0/24 \ # greylisting.org: skynet.be 195.238.3.0/24 \ # greylisting.org: skynet.be 195.46.220.208/32 \ # greylisting.org: mgn.net 195.46.220.209/32 \ # greylisting.org: mgn.net 195.46.220.210/32 \ # greylisting.org: mgn.net 195.46.220.211/32 \ # greylisting.org: mgn.net 195.46.220.221/32 \ # greylisting.org: mgn.net 195.46.220.222/32 \ # greylisting.org: mgn.net 204.107.120.10/32 \ # greylisting.org: Ameritrade (no retry) 205.188.0.0/16 \ # greylisting.org: AOL 205.206.231.0/24 \ # greylisting.org: SecurityFocus.com (unique sender) 207.115.63.0/24 \ # greylisting.org: Prodigy - retries continually 207.171.168.0/24 \ # greylisting.org: Amazon.com 207.171.180.0/24 \ # greylisting.org: Amazon.com 207.171.187.0/24 \ # greylisting.org: Amazon.com 207.171.188.0/24 \ # greylisting.org: Amazon.com 207.171.190.0/24 \ # greylisting.org: Amazon.com 209.132.176.174/32 \ # greylisting.org: sourceware.org mailing lists (unique sender) 211.29.132.0/24 \ # greylisting.org: optusnet.com.au (wierd retry pattern) 213.136.52.31/32 \ # greylisting.org: Mysql.com (unique sender) 213.143.66.210/32 \ # postgrey: cosis.si (no retry, reported by Vito Robar) 216.238.112.99/32 \ # postgrey: mail.commandtech.com (no retry, reported by Vito Robar) 216.33.244.0/24 \ # greylisting.org: Ebay 217.158.50.178/32 \ # greylisting.org: AXKit mailing list (unique sender) } # access control list definition: users who want NO Greylisting list "non-greylisted recipients" rcpt { \ user1@example.com \ user2@example.com \ user3@example.com \ } # access control list # (first successful match stops processing) racl whitelist list "my networks by address" racl whitelist list "broken peers by domain" racl whitelist list "broken peers by address" racl whitelist list "non-greylisted recipients" racl greylist default