1# 2# Simple greylisting config file using the new features 3# See greylist2.conf for a more detailed list of available options 4# 5# $Id: greylist.conf,v 1.50 2013/08/13 12:45:08 manu Exp $ 6# 7 8pidfile "/var/run/milter-greylist.pid" 9socket "/var/milter-greylist/milter-greylist.sock" 10dumpfile "/var/milter-greylist/greylist.db" 600 11dumpfreq 1 12user "mailnull:mailnull" 13 14 15# Log milter-greylist activity to a file 16#stat ">>/var/milter-greylist/greylist.log" \ 17# "%T{%Y/%m/%d %T} %d [%i] %f -> %r %S (ACL %A) %Xc %Xe %Xm %Xh\n" 18# Same, sent to syslog 19#stat "|logger -p local7.info" \ 20# "%T{%Y/%m/%d %T} %d [%i] %f -> %r %S (ACL %A) %Xc %Xe %Xm %Xh" 21 22# Be verbose (or use -v flag) 23#verbose 24 25# Do not tell spammer how long they have to wait 26quiet 27 28# MX peering 29#peer 192.0.2.17 30#peer 192.0.2.18 31 32# Your own network, which should not suffer greylisting 33list "my network" addr { 127.0.0.1/8 10.0.0.0/8 192.0.2.0/24 } 34 35# This is a list of broken MTAs that break with greylisting. Derived from 36# http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16 37list "broken mta" addr { \ 38 12.5.136.141/32 \ # Southwest Airlines (unique sender) 39 12.5.136.142/32 \ # Southwest Airlines 40 12.5.136.143/32 \ # Southwest Airlines 41 12.5.136.144/32 \ # Southwest Airlines 42 12.107.209.244/32 \ # kernel.org (unique sender) 43 12.107.209.250/32 \ # sourceware.org (unique sender) 44 63.82.37.110/32 \ # SLmail 45 63.169.44.143/32 \ # Southwest Airlines 46 63.169.44.144/32 \ # Southwest Airlines 47 64.7.153.18/32 \ # sentex.ca (common pool) 48 64.12.136.0/24 \ # AOL (common pool) 49 64.12.137.0/24 \ # AOL 50 64.12.138.0/24 \ # AOL 51 64.124.204.39 \ # moveon.org (unique sender) 52 64.125.132.254/32 \ # collab.net (unique sender) 53 64.233.160.0/19 \ # Google 54 66.94.237.16/28 \ # Yahoo Groups servers (common pool) 55 66.94.237.32/28 \ # Yahoo Groups servers (common pool) 56 66.94.237.48/30 \ # Yahoo Groups servers (common pool) 57 66.100.210.82/32 \ # Groupwise? 58 66.135.192.0/19 \ # Ebay 59 66.162.216.166/32 \ # Groupwise? 60 66.206.22.82/32 \ # Plexor 61 66.206.22.83/32 \ # Plexor 62 66.206.22.84/32 \ # Plexor 63 66.206.22.85/32 \ # Plexor 64 66.218.66.0/23 \ # Yahoo Groups servers (common pool) 65 66.218.67.0/23 \ # Yahoo Groups servers (common pool) 66 66.218.68.0/23 \ # Yahoo Groups servers (common pool) 67 66.218.69.0/23 \ # Yahoo Groups servers (common pool) 68 66.27.51.218/32 \ # ljbtc.com (Groupwise) 69 66.102.0.0/20 \ # Google 70 66.249.80.0/20 \ # Google 71 72.14.192.0/18 \ # Google 72 74.125.0.0/16 \ # Google 73 152.163.225.0/24 \ # AOL 74 194.245.101.88/32 \ # Joker.com 75 195.235.39.19/32 \ # Tid InfoMail Exchanger v2.20 76 195.238.2.0/24 \ # skynet.be (wierd retry pattern, common pool) 77 195.238.3.0/24 \ # skynet.be 78 195.46.220.208/32 \ # mgn.net 79 195.46.220.209/32 \ # mgn.net 80 195.46.220.210/32 \ # mgn.net 81 195.46.220.211/32 \ # mgn.net 82 195.46.220.221/32 \ # mgn.net 83 195.46.220.222/32 \ # mgn.net 84 195.238.2.0/24 \ # skynet.be (wierd retry pattern) 85 195.238.3.0/24 \ # skynet.be 86 204.107.120.10/32 \ # Ameritrade (no retry) 87 205.188.0.0/16 \ # AOL 88 205.206.231.0/24 \ # SecurityFocus.com (unique sender) 89 207.115.63.0/24 \ # Prodigy - retries continually 90 207.171.168.0/24 \ # Amazon.com 91 207.171.180.0/24 \ # Amazon.com 92 207.171.187.0/24 \ # Amazon.com 93 207.171.188.0/24 \ # Amazon.com 94 207.171.190.0/24 \ # Amazon.com 95 209.132.176.174/32 \ # sourceware.org mailing lists (unique sender) 96 209.85.128.0/17 \ # Google 97 211.29.132.0/24 \ # optusnet.com.au (wierd retry pattern) 98 213.136.52.31/32 \ # Mysql.com (unique sender) 99 216.33.244.0/24 \ # Ebay 100 216.239.32.0/19 \ # Google 101 217.158.50.178/32 \ # AXKit mailing list (unique sender) 102} 103 104# List of users that want greylisting 105list "grey users" rcpt { \ 106 user1@example.com \ 107 user2@example.com \ 108 user3@example.com \ 109} 110 111# Give this a try if you enabled DNSRBL 112#dnsrbl "SORBS DUN" dnsbl.sorbs.net 127.0.0.10 113#dnsrbl "SBL" sbl-xbl.spamhaus.org 127.0.0.2 114#dnsrbl "CBL" sbl-xbl.spamhaus.org 127.0.0.4 115#dnsrbl "NJABL" sbl-xbl.spamhaus.org 127.0.0.5 116#dnsrbl "PBL" zen.spamhaus.org 127.0.0.10/31 117#dnsrbl "MTAWL" list.dnswl.org 127.0.0.0/16 118 119# Here is an example of user preference pulled from a LDAP directory 120# (requires building --with-libcurl). If the milterGreylistStatus 121# attribute is set to TRUE, then $usrRBL will be usable later in the 122# ACL and will carry the values of the usrRBL attribute. 123# urlcheck "userpref" \ 124# "ldap://localhost/dc=example,dc=net?milterGreylistStatus,usrRBL?one?mail=%r" \ 125# 30 getprop clear fork 126 127racl continue from /.*/ addheader "X-Greylist: inspected by %V for IP:'%i' DOMAIN:'%d' HELO:'%h' FROM:'%f' RCPT:'%r'" 128 129# And here is the access list 130racl whitelist list "my network" 131racl whitelist list "broken mta" 132#racl whitelist dnsrbl "MTAWL" 133#racl blacklist urlcheck "userpref" $usrRBL "CBL" dnsrbl "CBL" \ 134# msg "Sender IP caught in CBL blacklist" 135#racl blacklist $usrRBL "SBL" dnsrbl "BBL" \ 136# msg "Sender IP caught in SBL blacklist" 137#racl blacklist $usrRBL "NJABL" dnsrbl "NJABL" \ 138# msg "Sender IP caught in NJABL blacklist" 139#racl greylist list "grey users" dnsrbl "SORBS DUN" delay 24h autowhite 3d 140racl greylist list "grey users" delay 30m autowhite 3d 141racl whitelist default 142 143# Example of content filtering for fighting image SPAM 144#dacl blacklist body /src[:blank:]*=(3D)?[:blank:]*["']?[:blank:]*cid:/ \ 145# msg "Sorry, We do not accept images embedded in HTML" 146