We used to use some quite complex Greylisting controls, but over time we've
simplified down to the following
BATVKEY = mysecretkey
HASH =
${hmac{sha1}{BATVKEY}{${lc:$sender_address$sender_host_address$local_part@
$domain}}}
rcpt_acl:
#Various tests which put content into acl_c_grey if the connection is
perceived as poor. No Reverse DNS, invalid HELO/EHLO etc.
defer message = Greylisted
condition = ${if def:acl_c_grey}
!ratelimit = 1 / 1w / strict / HASH
accept
Simple but it works well for us. As always with Exim many ways of doing the
same thing, it is choosing the appropriate one for your own circumstances.
For info, our /var/spool/exim/db folder is a Linux tmpfs, so it is quick
too.
Keith
--
Keith Brazington
Quetz Limited
