Milter-greylist

I have the following lines in greylist.conf as a test:

racl whitelist from /@yahoo\.com$/
dacl blacklist from /@yahoo\.com$/ dkim none msg "Missing DKIM signature"
dacl whitelist from /@yahoo\.com$/ dkim pass addheader "X-DKIM: pass"

Logging shows that NONE of these hit on emails from yahoo.com. Tried both extended and non extended regex. Using milter-greylist 4.3.9

Not sure if the first line is really needed since default is whitelist for racl. The logging says that the email matched the last dacl rule, which is merely a whitelist that is after the 3 lines I provided here. The racl shows it matched the default racl whitelist line, which is also after the 3 lines shown here. So, even racl from did not match yahoo.com

Does it need a trailing > perhaps? What could be wrong?

compconsultant <Compconsultant@...> wrote:

> Logging shows that NONE of these hit on emails from yahoo.com. 

You ran with milter-greylsit -Dvl from the command line? What does it
says?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

--- In milter-greylist@yahoogroups.com, manu@... wrote:
>
> compconsultant <Compconsultant@...> wrote:
> 
> > Logging shows that NONE of these hit on emails from yahoo.com. 
> 
> You ran with milter-greylsit -Dvl from the command line? What does it
> says?
> 

Looks like the trailing > did the trick. Weird to me sicne none of the examples I've seen on this group have ever shown a trailing >

This is with postfix 2.8.4

Do you see anything wrong with this strategy as far as DKIM? My understanding is that the following companies sign ALL their messages:

gmail
yahoo
ebay
paypal

So, it should be possible to say if mail comes from those, and, is not signed, it's forged. Or, if mail comes from those, and, it is signed, it's whitelisted.

Any flaw in this thinking?

compconsultant <Compconsultant@...> wrote:

> Looks like the trailing > did the trick. Weird to me sicne none of the
> examples I've seen on this group have ever shown a trailing >

What ACL do you have now? Would you copy/paste the relevant lines?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

--- In milter-greylist@yahoogroups.com, manu@... wrote:
> What ACL do you have now? Would you copy/paste the relevant lines?
> 

dacl blacklist from /@yahoo\.com>$/ dkim none msg "Missing DKIM signature"
dacl whitelist from /@yahoo\.com>$/ dkim pass

compconsultant <Compconsultant@...> wrote:

> Any flaw in this thinking?

No, it seems fine. Except that this filtering occurs after greylisting
(because it is at DATA stage). 

Let us know how it works, it may be worth being added to the samle
config file.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...