## |
|
## greylist.conf -- milter-greylist(8) configuration |
|
## |
|
|
|
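# daemon parameters |
# The milter socket is the MTA's only path to this daemon; keep its directory accessible only to the MTA and to the account named in "user". |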
|
user "@l_rusr@:@l_mgrp@" |
|
pidfile "@l_prefix@/var/milter-greylist/milter-greylist.pid" |
|
socket "@l_prefix@/var/milter/socket/milter-greylist" |
|
|
|
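# database storage |
# The dump file records the sender address, recipient address and client IP of each greylisted attempt; keep it readable only by the daemon account. |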
|
dumpfile "@l_prefix@/var/milter-greylist/milter-greylist.dump" |
|
dumpfreq 10m |
|
|
|
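# database synchronization |
# Peers exchange greylist entries over the port given in syncaddr. A peer appears to be recognised by its source address only (confirm for your version), so keep this traffic on a trusted network or filter the port to the listed peers. |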
|
#syncaddr 192.168.0.1 port 5252 |
|
#syncsrcaddr 192.168.0.1 |
|
#peer 192.168.0.2 |
|
|
|
# greylisting behaviour |
|
extendedregex |
|
report delays |
|
greylist 5m |
|
autowhite 3d |
|
timeout 5d |
|
|
|
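# access control list definition: my own networks (by address) |
# Every client in these ranges skips greylisting. Keep only the ranges that really relay through this host; 192.0.2.0/24 is a documentation range and should never appear as a mail source. |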
|
list "my networks by address" addr { \ |
|
127.0.0.1/8 \ # RFC1700: local host |
|
10.0.0.0/8 \ # RFC1918: private address space |
|
172.16.0.0/12 \ # RFC1918: private address space |
|
192.168.0.0/16 \ # RFC1918: private address space |
|
169.254.0.0/16 \ # RFC3330: link local |
|
192.0.2.0/24 \ # RFC3330: test network |
|
} |
|
|
|
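# access control list definition: broken MTAs that break with Greylisting (by domain) |
# NOTE(review): these entries match the client host name that the MTA hands to the milter. That name normally comes from reverse DNS and is chosen by whoever controls the client's address space, so treat a match as a hint, not as proof of origin. |
# NOTE(review): the patterns were taken from postgrey, which uses Perl regular expressions. POSIX extended regular expressions do not define \d, so check that your regex library accepts it, or write [0-9] instead. |
# NOTE(review): the dots in /^mta[12].siol.net$/ and /^odk.fdv.uni-lj.si$/ are not escaped and match any character. |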
|
list "broken peers by domain" domain { \ |
|
/^.*-out-.*\.google\.com$/ \ # postgrey: google.com (big pool, reported by Matthias Dyer) |
|
/^fe\d+\.cox-internet\.com$/ \ # postgrey: cox-internet.com (no retry, reported by Rod Roark) |
|
/^fmr\d+\.intel\.com$/ \ # postgrey: intel.com (pool on different subnets) |
|
/^gateway\d+\.np4\.de$/ \ # postgrey: lufthansa (no retry, reported by Peter Bieringer) |
|
/^lake.*mta.*\.cox\.net$/ \ # postgrey: cox.net (no retry, reported by Duncan Hill) |
|
/^mail-in-\d+\.arcor-online\.net$/ \ # postgrey: arcor-online.net (slow: 12 hours, reported by Bernd Zeimetz) |
|
/^mail\d+\.messagelabs\.com$/ \ # postgrey: messagelabs.com (big pool, reported by John Tobin) |
|
/^mail\d+\.telekom\.de$/ \ # postgrey: telekom.de (slow: 6 hours) |
|
/^mail\d+\.usafisnews\.org$/ \ # postgrey: mail*.usafisnews.org (no retry, reported by Vito Robar) |
|
/^mailgw.*\.iai\.co\.il$/ \ # postgrey: mailgw*.iai.co.il (pool of several servers, reported by Vito Robar) |
|
/^ms-smtp.*\.rr\.com$/ \ # postgrey: rr.com (no retry, reported by Duncan Hill) |
|
/^mta[12].siol.net$/ \ # postgrey: mta?.siol.net (sometimes no or slow retry; they use intermail, reported by Vito Robar) |
|
/^odk.fdv.uni-lj.si$/ \ # postgrey: odk.fdv.uni-lj.si (no retry, reported by Vito Robar) |
|
/^p?smtp.*\.wxs\.nl$/ \ # postgrey: wxs.nl (no retry, reported by Johannes Fehr) |
|
/^pim-\d+-\d+\.quickinspirationsmail\.com$/ \ # postgrey: pim-N-N.quickinspirationsmail.com (unique sender, reported by Vito Robar) |
|
/^sc\d+pub\.verizon\.net$/ \ # postgrey: verizon.net (address verification, reported by Bill Moran and Eric) |
|
/^smtp\d+\.tiscali\.dk$/ \ # postgrey: tiscali.dk (slow: 12 hours, reported by Klaus Alexander Seistrup) |
|
accor-hotels.com \ # postgrey: accor-hotels.com (slow: 6 hours) |
|
amazon.com \ # postgrey: greylisting.org: Amazon.com (unique sender with letters) |
|
ameritradeinfo.com \ # postgrey: greylisting.org: Ameritrade (no retry) |
|
berlin.ptb.de \ # postgrey: ptb.de (slow, reported by Joachim Schoenberg) |
|
brief.cw.reum.de \ # postgrey: brief.cw.reum.de (no retry, reported by Manuel Oetiker) |
|
cacert.org \ # postgrey: cacert.org (address verification, reported by Martin Lohmeier) |
|
cs.ciphire.net \ # postgrey: ciphirelabs.com (needs fast responses, reported by Sven Mueller) |
|
cs.columbia.edu \ # postgrey: cs.columbia.edu (no retry) |
|
domin.switch.ch \ # postgrey: switch.ch (works but personnel is confused by the error) |
|
flymonarch.com \ # postgrey: flymonarch (no retry, reported by Marko Djukic) |
|
freshmeat.net \ # postgrey: freshmeat.net (address verification) |
|
gnu.org \ # postgrey: gnu.org (address verification, reported by Martin Lohmeier) |
|
gw.bas.roche.com \ # postgrey: roche.com (no retry) |
|
gw.stud-serv-mb.si \ # postgrey: gw.stud-serv-mb.si (no retry, reported by Vito Robar) |
|
ibm.com \ # postgrey: ibm.com (big pool, reported by Casey Peel) |
|
isp.belgacom.be \ # postgrey: greylisting.org: isp.belgacom.be (weird retry pattern) |
|
karger.ch \ # postgrey: karger.ch, no retry |
|
lockergnome.wc09.net \ # postgrey: lockergnome.wc09.net (unique sender with letters, reported by Bill Landry) |
|
logismata.ch \ # postgrey: logismata.ch (no retry) |
|
mail.hhlaw.com \ # postgrey: newsletter (no retry) |
|
mail.polymed.ch \ # postgrey: polymed.ch (no retry) |
|
mail1.thurweb.ch \ # postgrey: rein.ch (no retry) |
|
mail2.alliancefr.be \ # postgrey: mail2.alliancefr.be (occasionally no retry, reported by Vito Robar) |
|
mot.com \ # postgrey: motorola.com (no retry) |
|
mx.dars.si \ # postgrey: dars.si (occasionally no retry, reported by Vito Robar) |
|
netsolmail.com \ # postgrey: netsolmail.com (no retry, reported by Gareth Greenaway) |
|
nic.fr \ # postgrey: nic.fr (address verification, reported by Arnaud Launay) |
|
p01m168.mxlogic.net \ # postgrey: mxlogic.net (no retry, reported by Eric) |
|
p02m169.mxlogic.net \ # postgrey: mxlogic.net (no retry, reported by Eric) |
|
piggy.rz.tu-ilmenau.de \ # postgrey: tu-ilmenau.de (no retry) |
|
polytech.univ-mrs.fr \ # postgrey: polytech.univ-mrs.fr (no retry, reported by Giovanni Mandorino) |
|
prd051.appliedbiosystems.com \ # postgrey: no retry (reported by Ralph Hildebrandt) |
|
proxy.gmail.com \ # postgrey: gmail.com (big pool, reported by Beat Mueller) |
|
qmail.ingeno.ch \ # postgrey: ingeno.ch (no retry) |
|
rak-gentoo-1.nameserver.de \ # postgrey: rak-gentoo-1.nameserver.de (no retry, reported by Vito Robar) |
|
registrarmail.net \ # postgrey: registrarmail.net (unique sender names, reported by Simon Waters) |
|
returns.dowjones.com \ # postgrey: dowjones.com newsletter (unique sender with letters) |
|
rz.hu-berlin.de \ # postgrey: hu-berlin.de (slow: 6 hours, reported by Joachim Schoenberg) |
|
scd.yahoo.com \ # postgrey: greylisting.org: Yahoo Groups servers (no retry) |
|
server-x001.hostpoint.ch \ # postgrey: lilys.ch, (slow: 4 hours) |
|
southwest.com \ # postgrey: greylisting.org: Southwest Airlines (unique sender, no retry) |
|
swissre.com \ # postgrey: swissre.com (no retry) |
|
tesla.vtszg.hr \ # postgrey: tesla.vtszg.hr (no retry, reported by Vito Robar) |
|
vger.kernel.org \ # postgrey: Linux kernel mailing-list (unique sender with letters) |
|
webserver.turboinstitut.si \ # postgrey: webserver.turboinstitut.si (no retry, reported by Vito Robar) |
|
zd-swx.com \ # postgrey: zd-swx.com (unique sender with letters, reported by Bill Landry) |
|
} |
|
|
|
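# access control list definition: broken MTAs that break with Greylisting (by address) |
# NOTE(review): this is a static snapshot from greylisting.org and postgrey. Address assignments change over time, so review the list periodically and drop ranges whose current owner you cannot confirm. |
# NOTE(review): 195.238.2.0/24 and 195.238.3.0/24 are each listed twice, and 66.218.67.0/23 and 66.218.69.0/23 do not start on a /23 boundary. |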
|
list "broken peers by address" addr { \ |
|
12.107.209.244/32 \ # greylisting.org: kernel.org (unique sender) |
|
12.107.209.250/32 \ # greylisting.org: sourceware.org (unique sender) |
|
12.5.136.141/32 \ # greylisting.org: Southwest Airlines (unique sender) |
|
12.5.136.142/32 \ # greylisting.org: Southwest Airlines |
|
12.5.136.143/32 \ # greylisting.org: Southwest Airlines |
|
12.5.136.144/32 \ # greylisting.org: Southwest Airlines |
|
63.169.44.143/32 \ # greylisting.org: Southwest Airlines |
|
63.169.44.144/32 \ # greylisting.org: Southwest Airlines |
|
63.82.37.110/32 \ # greylisting.org: SLmail |
|
64.12.136.0/24 \ # greylisting.org: AOL (common pool) |
|
64.12.137.0/24 \ # greylisting.org: AOL |
|
64.12.138.0/24 \ # greylisting.org: AOL |
|
64.124.204.39 \ # greylisting.org: moveon.org (unique sender) |
|
64.125.132.254/32 \ # greylisting.org: collab.net (unique sender) |
|
64.7.153.18/32 \ # greylisting.org: sentex.ca (common pool) |
|
66.100.210.82/32 \ # greylisting.org: Groupwise? |
|
66.135.192.0/19 \ # greylisting.org: Ebay |
|
66.162.216.166/32 \ # greylisting.org: Groupwise? |
|
66.206.22.82/32 \ # greylisting.org: Plexor |
|
66.206.22.83/32 \ # greylisting.org: Plexor |
|
66.206.22.84/32 \ # greylisting.org: Plexor |
|
66.206.22.85/32 \ # greylisting.org: Plexor |
|
66.216.126.174/32 \ # postgrey: papersinvited.com (no retry) |
|
66.218.66.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
66.218.67.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
66.218.68.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
66.218.69.0/23 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
66.27.51.218/32 \ # greylisting.org: ljbtc.com (Groupwise) |
|
66.94.237.16/28 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
66.94.237.32/28 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
66.94.237.48/30 \ # greylisting.org: Yahoo Groups servers (common pool) |
|
80.200.249.216/32 \ # postgrey: mail.resotel.be (occasionally no retry, reported by Vito Robar) |
|
152.163.225.0/24 \ # greylisting.org: AOL |
|
193.191.218.141/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) |
|
193.191.218.142/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) |
|
193.191.218.143/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) |
|
193.77.126.208/32 \ # postgrey: mail.esimit-tech.si (no retry, reported by Vito Robar) |
|
193.77.153.67/32 \ # postgrey: mail.likopris.si (no retry, reported by Vito Robar) |
|
193.81.20.195/32 \ # postgrey: duropack.co.at (no retry, reported by Vito Robar) |
|
194.245.101.88/32 \ # greylisting.org: Joker.com |
|
194.7.234.141/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) |
|
194.7.234.142/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) |
|
194.7.234.143/32 \ # postgrey: mil.be (pool of different servers, reported by Vito Robar) |
|
195.235.39.0/24 \ # postgrey: jcsw.nato.int (several servers, no retry, reported by Vito Robar) |
|
195.235.39.19/32 \ # greylisting.org: Tid InfoMail Exchanger v2.20 |
|
195.238.2.0/24 \ # greylisting.org: skynet.be (weird retry pattern) |
|
195.238.2.0/24 \ # greylisting.org: skynet.be (weird retry pattern, common pool) |
|
195.238.3.0/24 \ # greylisting.org: skynet.be |
|
195.238.3.0/24 \ # greylisting.org: skynet.be |
|
195.46.220.208/32 \ # greylisting.org: mgn.net |
|
195.46.220.209/32 \ # greylisting.org: mgn.net |
|
195.46.220.210/32 \ # greylisting.org: mgn.net |
|
195.46.220.211/32 \ # greylisting.org: mgn.net |
|
195.46.220.221/32 \ # greylisting.org: mgn.net |
|
195.46.220.222/32 \ # greylisting.org: mgn.net |
|
204.107.120.10/32 \ # greylisting.org: Ameritrade (no retry) |
|
205.188.0.0/16 \ # greylisting.org: AOL |
|
205.206.231.0/24 \ # greylisting.org: SecurityFocus.com (unique sender) |
|
207.115.63.0/24 \ # greylisting.org: Prodigy - retries continually |
|
207.171.168.0/24 \ # greylisting.org: Amazon.com |
|
207.171.180.0/24 \ # greylisting.org: Amazon.com |
|
207.171.187.0/24 \ # greylisting.org: Amazon.com |
|
207.171.188.0/24 \ # greylisting.org: Amazon.com |
|
207.171.190.0/24 \ # greylisting.org: Amazon.com |
|
209.132.176.174/32 \ # greylisting.org: sourceware.org mailing lists (unique sender) |
|
211.29.132.0/24 \ # greylisting.org: optusnet.com.au (weird retry pattern) |
|
213.136.52.31/32 \ # greylisting.org: Mysql.com (unique sender) |
|
213.143.66.210/32 \ # postgrey: cosis.si (no retry, reported by Vito Robar) |
|
216.238.112.99/32 \ # postgrey: mail.commandtech.com (no retry, reported by Vito Robar) |
|
216.33.244.0/24 \ # greylisting.org: Ebay |
|
217.158.50.178/32 \ # greylisting.org: AXKit mailing list (unique sender) |
|
} |
|
|
|
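# access control list definition: users who want NO Greylisting |
# The example.com addresses below are placeholders; replace or remove them before deployment. Mail to a listed recipient skips the greylisting delay no matter which client sends it. |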
|
list "non-greylisted recipients" rcpt { \ |
|
user1@example.com \ |
|
user2@example.com \ |
|
user3@example.com \ |
|
} |
|
|
|
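# access control list |
|
# (first successful match stops processing, so the whitelist rules must stay above "racl greylist default") |
# A whitelist match only skips the greylisting delay; it does not replace the MTA's other checks. |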
|
racl whitelist list "my networks by address" |
|
racl whitelist list "broken peers by domain" |
|
racl whitelist list "broken peers by address" |
|
racl whitelist list "non-greylisted recipients" |
|
racl greylist default |
|
|
|
|