File: greylist.conf

package info (click to toggle)
milter-greylist 3.0-3.1
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 920 kB
  • ctags: 787
  • sloc: ansic: 6,864; sh: 3,205; yacc: 736; lex: 321; makefile: 166
file content (117 lines) | stat: -rw-r--r-- 4,244 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#
# Simple greylisting config file using the new features
# See greylist2.conf for a more detailed list of available options
#
# $Id: greylist.conf,v 1.37.2.2 2006/09/27 20:03:24 manu Exp $
#

pidfile "/var/run/milter-greylist.pid"
socket "/var/run/milter-greylist/milter-greylist.sock"
dumpfile "/var/lib/milter-greylist/greylist.db"
user "greylist"

# Be verbose (or use -v flag)
#verbose

# Do not tell spammer how long they have to wait
quiet

# MX peering
#peer 192.0.2.17
#peer 192.0.2.18

# Your own network, which should not suffer greylisting
list "my network" addr { 127.0.0.1/8 10.0.0.0/8 192.0.2.0/24 }

# Your MXes and Mailforwardinghosts, Mailinglistsproviders, which you don'T
# want to piss off.
list "my friends" addr {   \
	70.103.162.0/24	   \ # Debian Mail+Listservers. NEVER unwhitelist them. 
	140.211.166.0/24   \ # Debian Bugs
	192.25.206.0/24    \ # Debian web/cvs/people
	194.109.137.218/32 \ # Debian security/www-master.d.o
	}

# This is a list of broken MTAs that break with greylisting. Derived from
# http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16
list "broken mta" addr {   \
	12.5.136.141/32    \ # Southwest Airlines (unique sender)
	12.5.136.142/32    \ # Southwest Airlines
	12.5.136.143/32    \ # Southwest Airlines
	12.5.136.144/32    \ # Southwest Airlines
	12.107.209.244/32  \ # kernel.org (unique sender)
	12.107.209.250/32  \ # sourceware.org (unique sender)
	63.82.37.110/32    \ # SLmail
	63.169.44.143/32   \ # Southwest Airlines
	63.169.44.144/32   \ # Southwest Airlines
	64.7.153.18/32     \ # sentex.ca (common pool)
	64.12.136.0/24     \ # AOL (common pool)
	64.12.137.0/24     \ # AOL
	64.12.138.0/24     \ # AOL
	64.124.204.39      \ # moveon.org (unique sender)
	64.125.132.254/32  \ # collab.net (unique sender)
	66.94.237.16/28    \ # Yahoo Groups servers (common pool)
	66.94.237.32/28    \ # Yahoo Groups servers (common pool)
	66.94.237.48/30    \ # Yahoo Groups servers (common pool)
	66.100.210.82/32   \ # Groupwise?
	66.135.192.0/19    \ # Ebay
	66.162.216.166/32  \ # Groupwise?
	66.206.22.82/32    \ # Plexor
	66.206.22.83/32    \ # Plexor
	66.206.22.84/32    \ # Plexor
	66.206.22.85/32    \ # Plexor
	66.218.66.0/23     \ # Yahoo Groups servers (common pool)
	66.218.67.0/23     \ # Yahoo Groups servers (common pool)
	66.218.68.0/23     \ # Yahoo Groups servers (common pool)
	66.218.69.0/23     \ # Yahoo Groups servers (common pool)
	66.27.51.218/32    \ # ljbtc.com (Groupwise)
	152.163.225.0/24   \ # AOL
	194.245.101.88/32  \ # Joker.com
	195.235.39.19/32   \ # Tid InfoMail Exchanger v2.20
	195.238.2.0/24     \ # skynet.be (wierd retry pattern, common pool)
	195.238.3.0/24     \ # skynet.be
	195.46.220.208/32  \ # mgn.net
	195.46.220.209/32  \ # mgn.net
	195.46.220.210/32  \ # mgn.net
	195.46.220.211/32  \ # mgn.net
	195.46.220.221/32  \ # mgn.net
	195.46.220.222/32  \ # mgn.net
	195.238.2.0/24     \ # skynet.be (wierd retry pattern)
	195.238.3.0/24     \ # skynet.be
	204.107.120.10/32  \ # Ameritrade (no retry)
	205.188.0.0/16     \ # AOL
	205.206.231.0/24   \ # SecurityFocus.com (unique sender)
	207.115.63.0/24    \ # Prodigy - retries continually
	207.171.168.0/24   \ # Amazon.com
	207.171.180.0/24   \ # Amazon.com
	207.171.187.0/24   \ # Amazon.com
	207.171.188.0/24   \ # Amazon.com
	207.171.190.0/24   \ # Amazon.com
	209.132.176.174/32 \ # sourceware.org mailing lists (unique sender)
	211.29.132.0/24    \ # optusnet.com.au (wierd retry pattern)
	213.136.52.31/32   \ # Mysql.com (unique sender)
	216.33.244.0/24    \ # Ebay
	217.158.50.178/32  \ # AXKit mailing list (unique sender)
}

# List of users that want greylisting
list "grey users" rcpt {  \
	user1@example.com \
	user2@example.com \
	user3@example.com \
}

# Give this a try if you enabled DNSRBL
#dnsrbl "SORBS DUN" dnsbl.sorbs.net 127.0.0.10

# And here is the access list
acl whitelist list "my network"
acl whitelist list "my friends"
acl whitelist list "broken mta"
#acl greylist list "grey users" dnsrbl "SORBS DUN" delay 24h autowhite 3d
acl greylist list "grey users" delay 30m autowhite 3d


# do nothing. to activate this for all change it to 'acl greylist default'
# BE CAREFUL, MONITOR YOUR LOGFILES, YOU MAY LOSE MAILS!!
acl whitelist default