Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] tune behavior according to SPF test

2015-08-26 by Patrick Proniewski

On 26 août 2015, at 20:58, Jim Klimov jimklimov@... [milter-greylist] wrote:

> 26 августа 2015 г. 13:44:14 CEST, "patpro@... [milter-greylist]" <milter-greylist@yahoogroups.com> пишет:
>> Hi,
>> 
>> I would like to trigger a different behavior for different users.
>> Basically, I need:
>> 
>> - rcpt @... to be greylisted -> always, for a given delay
>> - other rcpt to be greylisted -> only if SPF test fails, for a
>> different delay
>> 
>> I've tried:
>> 
>> racl greylist rcpt /@...$/ delay 5h autowhite 2d
>> racl greylist default delay 2m autowhite 5d
>> 
>> but of course a successful SPF test yields to whitelist "rcpt
>> /@...$/". So I've tried:
>> 
>> racl greylist rcpt /@...$/ delay 5h autowhite 2d
>> racl whitelist spf pass
>> racl greylist default delay 2m autowhite 5d
>> 
>> but again, "racl whitelist spf pass" triggers even if rcpt matches
>> /@...$/.
>> 
>> Any idea?
>> 
>> regards,
>> pat
> 
> You can use variable assignments to store results of tests (such as spf hit) and then build some result actions (gwb-lists with various timeouts and messages) based on collected score(s). It is not that well documented, so look up list archives for Manu's advice to myself about 1-2 years ago.


Thanks for the tip, I'll try ASAP. But in the mean time, I'm very surprised… the man greylist.conf clearly states:

       Entries in the access-list are evaluated sequentially, so order is very
       important. The first matching entry is used to decide if a message will
       be whitelisted or greylisted. A special default clause can be  used  in
       the  last  ACL  entry as a wildcard.

End provides examples. So according to this documentation, this should yield to the proper result:

>> racl greylist rcpt /@...$/ delay 5h autowhite 2d
>> racl whitelist spf pass
>> racl greylist default delay 2m autowhite 5d

(I've tried /.*@sub\.domain\.tld$/ also)

If rcpt match the RE, evaluation should stop at first line.
If rcpt does not match, it should either match spf pass or default.

In real life, this does not work.

regards,
Pat

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.