# # Simple greylisting config file using the new features # See greylist2.conf for a more detailed list of available options # # $Id: greylist.conf,v 1.45.2.1 2009/02/12 22:39:01 manu Exp $ # pidfile "/var/run/milter-greylist.pid" socket "/var/milter-greylist/milter-greylist.sock" dumpfile "/var/milter-greylist/greylist.db" 600 dumpfreq 1 user "mailnull" autowhite 4w greylist 3m # Do not tell spammer how long they have to wait quiet # Your own network, which should not suffer greylisting list "my network" addr {127.0.0.1/8 \ 10.0.0.0/8 \ } ldapconf "ldap://localhost" ldapcheck "uucpsite_ar" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfMailOptions,milterGreylistDelay,acfuucpSiteAktiv,acfuucpValidAddresses?sub?(&(acfuucpSiteAktiv=TRUE)(sendmailMTAKey=%sr)(acfuucpValidAddresses=*))" ldapcheck "uucpsite_au" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfMailOptions,milterGreylistDelay,acfuucpSiteAktiv?sub?(&(acfuucpSiteAktiv=TRUE)(sendmailMTAKey=%sr)(objectClass=acfUUCPSite))" ldapcheck "uucpsite_i" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfMailOptions,acfuucpSiteAktiv?sub?(&(acfuucpSiteAktiv=FALSE)(sendmailMTAKey=%sr))" ldapcheck "domainuser" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfMailOptions,sendmailMTAMapName?sub?(|(sendmailMTAKey=%r)(sendmailMTAKey=\*@%sr))" ldapcheck "manageddomain" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfDomainName?sub?(acfDomainName=%sr)" ldapcheck "ingauser" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfMailOptions,milterGreylistDelay?sub?(acfLogin=%mr)" ldapcheck "ingaalias" "ldap://nohost/ou=mitglieder,o=augusta,c=de?acfMailOptions,milterGreylistDelay?sub?(&(objectClass=acfMailAlias)(sendmailMTAKey=%mr))" ldapcheck "systemaliases" "ldap://nohost/ou=Mailserver,ou=Services,o=augusta,c=de?acfMailOptions,milterGreylistDelay?sub?(&(objectClass=acfMailAlias)(sendmailMTAKey=%mr))" ldapcheck "systemtable" "ldap://nohost/ou=Mailserver,ou=Services,o=augusta,c=de?acfMailOptions,acfValidUsers,milterGreylistDelay?sub?(|(sendmailMTAKey=%sr)(sendmailMTAKey=%r))" # This is a list of broken MTAs that break with greylisting. Derived from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16 list "broken mta" addr { \ 12.5.136.141/32 \ # Southwest Airlines (unique sender) 12.5.136.142/32 \ # Southwest Airlines 12.5.136.143/32 \ # Southwest Airlines 12.5.136.144/32 \ # Southwest Airlines 12.107.209.244/32 \ # kernel.org (unique sender) 12.107.209.250/32 \ # sourceware.org (unique sender) 63.82.37.110/32 \ # SLmail 63.169.44.143/32 \ # Southwest Airlines 63.169.44.144/32 \ # Southwest Airlines 64.7.153.18/32 \ # sentex.ca (common pool) 64.12.136.0/24 \ # AOL (common pool) 64.12.137.0/24 \ # AOL 64.12.138.0/24 \ # AOL 64.124.204.39 \ # moveon.org (unique sender) 64.125.132.254/32 \ # collab.net (unique sender) 64.233.160.0/19 \ # Google 66.94.237.16/28 \ # Yahoo Groups servers (common pool) 66.94.237.32/28 \ # Yahoo Groups servers (common pool) 66.94.237.48/30 \ # Yahoo Groups servers (common pool) 66.100.210.82/32 \ # Groupwise? 66.135.192.0/19 \ # Ebay 66.162.216.166/32 \ # Groupwise? 66.206.22.82/32 \ # Plexor 66.206.22.83/32 \ # Plexor 66.206.22.84/32 \ # Plexor 66.206.22.85/32 \ # Plexor 66.218.66.0/23 \ # Yahoo Groups servers (common pool) 66.218.67.0/23 \ # Yahoo Groups servers (common pool) 66.218.68.0/23 \ # Yahoo Groups servers (common pool) 66.218.69.0/23 \ # Yahoo Groups servers (common pool) 66.27.51.218/32 \ # ljbtc.com (Groupwise) 66.102.0.0/20 \ # Google 66.249.80.0/20 \ # Google 72.14.192.0/18 \ # Google 74.125.0.0/16 \ # Google 152.163.225.0/24 \ # AOL 194.245.101.88/32 \ # Joker.com 195.235.39.19/32 \ # Tid InfoMail Exchanger v2.20 195.238.2.0/24 \ # skynet.be (wierd retry pattern, common pool) 195.238.3.0/24 \ # skynet.be 195.46.220.208/32 \ # mgn.net 195.46.220.209/32 \ # mgn.net 195.46.220.210/32 \ # mgn.net 195.46.220.211/32 \ # mgn.net 195.46.220.221/32 \ # mgn.net 195.46.220.222/32 \ # mgn.net 195.238.2.0/24 \ # skynet.be (wierd retry pattern) 195.238.3.0/24 \ # skynet.be 204.107.120.10/32 \ # Ameritrade (no retry) 205.188.0.0/16 \ # AOL 205.206.231.0/24 \ # SecurityFocus.com (unique sender) 207.115.63.0/24 \ # Prodigy - retries continually 207.171.168.0/24 \ # Amazon.com 207.171.180.0/24 \ # Amazon.com 207.171.187.0/24 \ # Amazon.com 207.171.188.0/24 \ # Amazon.com 207.171.190.0/24 \ # Amazon.com 209.132.176.174/32 \ # sourceware.org mailing lists (unique sender) 209.85.128.0/17 \ # Google 211.29.132.0/24 \ # optusnet.com.au (wierd retry pattern) 213.136.52.31/32 \ # Mysql.com (unique sender) 216.33.244.0/24 \ # Ebay 216.239.32.0/19 \ # Google 217.158.50.178/32 \ # AXKit mailing list (unique sender) 217.243.211.80/32 \ # staatliche Lotterieverwaltung <- schickt nur einmal wie bescheuert 66.211.161.0/24 \ # EBay 66.211.184.0/24 \ # EBay 212.227.126.0/24 \ # moutng.kundenserver.de 212.227.17.8/32 \ # moutng.kundenserver.de 212.227.17.9/32 \ # moutng.kundenserver.de 212.227.17.10/32 \ # moutng.kundenserver.de } # And here is the access list racl whitelist list "my network" racl whitelist list "broken mta" # Ein paar feste user greylisten list "grey users" rcpt { \ root@augusta.de \ root@inga.augusta.de \ } racl greylist list "grey users" delay 60m autowhite 1d # Normale Inga Benutzer racl greylist ldapcheck "systemaliases" $acfMailOptions "greylisting" racl greylist ldapcheck "systemtable" $acfMailOptions "greylisting" $acfMailOptions "filterusers" $acfValidUsers "%mr" racl whitelist ldapcheck "systemtable" $acfMailOptions "filterusers" $acfValidUsers "%mr" racl blacklist ldapcheck "systemtable" $acfMailOptions "filterusers" code "551" ecode "5.1.1" msg "User unknown" racl greylist ldapcheck "systemtable" $acfMailOptions "greylisting" # Inaktive UUCP Sites racl blacklist rcpt /.*@.*\.augusta\.de/ ldapcheck "uucpsite_i" $acfuucpSiteAktiv "FALSE" code "550" ecode "5.4.4" msg "Unable to Route" # Aktive UUCP Sites bei denen die Benutzer bekant sind racl greylist rcpt /.*@.*\.augusta\.de/ ldapcheck "uucpsite_ar" $acfuucpSiteAktiv "TRUE" $acfuucpValidAddresses "%mr" $acfMailOptions "greylisting" racl whitelist rcpt /.*@.*\.augusta\.de/ ldapcheck "uucpsite_ar" $acfuucpSiteAktiv "TRUE" $acfuucpValidAddresses "%mr" racl blacklist rcpt /.*@.*\.augusta\.de/ ldapcheck "uucpsite_ar" $acfuucpSiteAktiv "TRUE" code "550" ecode "5.4.4" msg "Unable to Route" # Aktive UUCP Sites ohne Bekannte Benutzer racl greylist rcpt /.*@.*\.augusta\.de/ ldapcheck "uucpsite_au" $acfuucpSiteAktiv "TRUE" $acfMailOptions "greylisting" # Domain User racl blacklist ldapcheck "domainuser" $acfMailOptions "userblock" code "551" ecode "5.1.1" msg "User unknown" racl greylist ldapcheck "domainuser" $acfMailOptions "greylisting" racl whitelist ldapcheck "domainuser" $sendmailMTAMapName "virtuser" racl blacklist ldapcheck "manageddomain" code "551" ecode "5.1.1" msg "User unknown" # Geblockte Benutzer racl blacklist ldapcheck "ingauser" $acfMailOptions "blocked" code "552" ecode "5.2.2" msg "Mailbox disabled, blocked by Admin" racl blacklist ldapcheck "ingaalias" $acfMailOptions "blocked" code "552" ecode "5.2.2" msg "Mailbox disabled, blocked by Admin" racl blacklist ldapcheck "ingauser" $acfMailOptions "userblock" code "551" ecode "5.1.1" msg "User unknown" racl blacklist ldapcheck "ingaalias" $acfMailOptions "userblock" code "551" ecode "5.1.1" msg "User unknown" # Normale Inga Benutzer racl greylist ldapcheck "ingauser" $acfMailOptions "greylisting" racl greylist ldapcheck "ingaalias" $acfMailOptions "greylisting" racl whitelist default