Re: [exim] Issues with greylisting

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Raymond Jette
CC: exim-users
Subject: Re: [exim] Issues with greylisting
On Fri, 2010-01-15 at 10:27 -0500, Raymond Jette wrote:
> That helped. I'm not further that I was put I am still having issues.
> Every connection is rejected even if the 5 minutes have passed. There is
> not to much on the internet on this. The configuration seems to be
> correct so im not sure why this is not working.


> >>> check set acl_m_greyident =
> ${hash{20}{62}{$sender_address$recipients$h_message-id:}}
> >>>                           = FRoqdLbSTv7yEg0BgDd2


Is that ident actually consistent? When the same mail is offered again
for a second time, is the ident the same?


> >>> warn: condition test succeeded
> >>> processing "warn"
> >>> check set acl_m_greyexpiry = ${lookup sqlite
> {/var/spool/exim/db/greylist.db SELECT expire FROM greylist WHERE
> id='${quote_sqlite:$acl_m_greyident}';}{$value}}
> >>>                            =


Found no existing record for this ident.

> >>> warn: condition test succeeded
> >>> processing "warn"
> >>> check condition = ${if eq {$acl_m_greyexpiry}{} {1}}
> >>>                 = 1
> >>> check set acl_m_dontcare = ${lookup sqlite
> {/var/spool/exim/db/greylist.db INSERT INTO greylist VALUES (
> '$acl_m_greyident', '${eval10:$tod_epoch+300}', '$sender_host_address',
> '${quote_sqlite:$sender_helo_name}' );}}
> >>>                          =
> >>> warn: condition test succeeded


OK, so it looks like the insertion into the database succeeded.

What happens if you look in the database manually?

# sqlite3 /var/spool/exim/db/greylist.db
sqlite> select * from greylist where id='FRoqdLbSTv7yEg0BgDd2';

Is there any output? Should look something like...
XDLeRvn5AXUA1ANXwjva|1263852799|95.66.103.182|misho

> >>> processing "defer"
> >>> check condition = ${if eq {$acl_m_greyexpiry}{} {1}}
> >>>                 = 1
> >>> check condition = ${lookup sqlite {/var/spool/exim/db/greylist.db
> SELECT expire FROM greylist WHERE
> id='${quote_sqlite:$acl_m_greyident}';} {1}}
> >>>                 = 1


This part of the code actually checks whether the insertion succeeded,
and it seems to think that it _did_ succeed.

If it fails (perhaps because exim didn't have write permission to the
database), then it should fall through to accepting the mail.

I don't know what's going wrong, but my first suspicion would be that
the mail ident is not the same from attempt to attempt for some reason.

Can you show me this kind of debug output for two consecutive attempts
to submit exactly the _same_ mail?

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse@???                              Intel Corporation