Hi,
I'm attempting to check incoming connections against
dul.dnsbl.sorbs.net and then greylist only the matches. I would
like to explain why they are greylisted, in the temporary rejection
message. So at first thought I tried something like this:
######################################################################
acl_check_rcpt:
# .. a couple of obvious preliminary checks omitted ..
defer message = $acl_m1
!senders = :
!hosts = : +relay_from_hosts : \
${if exists {/etc/greylistd/whitelist-hosts}\
{/etc/greylistd/whitelist-hosts}{}} : \
${if exists {/var/lib/greylistd/whitelist-hosts}\
{/var/lib/greylistd/whitelist-hosts}{}}
!authenticated = *
!acl = acl_whitelist_local_deny
!acl = acl_check_skip_greylist
domains = +all_my_domains
verify = recipient/callout=20s,use_sender,defer_ok
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey \
${mask:$sender_host_address/24} \
$sender_address \
$local_part@$domain}\
{5s}{}{false}}
# .. rest of RCPT ACL follows ..
acl_check_skip_greylist:
# The idea is to deny things I want to greylist then accept
# everything else
deny
set acl_m1 = You're being greylisted because $sender_host_address \
is listed at $dnslist_domain \
($dnslist_value: $dnslist_text). If you wish to \
avoid this in future then please make sure to use \
your ISP's mail server to send out \
email. $sender_host_address is not yet authorized \
to deliver mail from <$sender_address> to \
<$local_part@$domain>. Please try later.
dnslists = dul.dnsbl.sorbs.net
# .. some other checks ..
# Accept everything else
accept
######################################################################
Now, this works, but none of the dnslist_* variables get set, so the
message ends up looking a bit like:
You're being greylisted because 217.172.255.54 is listed at
(: ). If you wish to avoid this in future then please make
sure to use your ISP's mail server to send out email.
So how come this happens, and is there any way around it?
Cheers,
Andy