Hi,
I'm working on a working greylisting setup, but it currently has some
trouble with mail coming from gmail, because the different delivery
attempts may use different IP addresses. That's why I wanted to add a
whitelist check.
To the defer directive (see bottom for the complete directive), I add the
whitelist exception:
!dnslists = list.dnswl.org
and I also add an accept directive (I also tested with a warn directive)
accept #or warn
  domains = +local_domains
  dnslists = list.dnswl.org
  logwrite = $sender_host_address is whitelisted
When I send a mail from gmail, which is in the whitelist, I see this in the
logs:
2013-06-13 10:35:30 skip defer greylist (header) <...@gmail.com> for <...@...>.
2013-06-13 10:35:30 209.85.219.45 is whitelisted
So the new config is applied, but no further processing of the mail happens
after that.
It seems it is only when I restart exim with the old working config that
the mail is delivered after some time.
Notice that the greylist test does not take place anymore though. Here are
the logs for the same mail:
2013-06-13 10:42:27 1Un30E-0006qj-5x DKIM: d=gmail.com s=20120113 c=relaxed/relaxed a=rsa-sha256 [invalid - public key record (currently?) unavailable]
2013-06-13 10:42:27 1Un30E-0006qj-5x skip defer greylist (data) <...@gmail.com> for <...@...>
2013-06-13 10:42:29 1Un30E-0006qj-5x SA: Debug: SAEximRunCond expand returned: '1'
2013-06-13 10:42:29 1Un30E-0006qj-5x SA: Debug: check succeeded, running spamc
2013-06-13 10:42:32 1Un30E-0006qj-5x SA: Action: scanned but message isn't spam: score=-0.7 required=5.0 (scanned in 3/3 secs | Message-Id: ...@mail.gmail.com). From <...@gmail.com> (host=mail-oa0-f45.google.com[209.85.219.45]) for ...@...
2013-06-13 10:42:32 1Un30E-0006qj-5x <= ...@gmail.com H=mail-oa0-f45.google.com [209.85.219.45] P=esmtps X=TLS1.0:RSA_ARCFOUR_SHA1:16 S=4236 id=...@mail.gmail.com
2013-06-13 10:42:32 1Un30E-0006qj-5x => /mnt/mail/dest.... <... @...> R=userforward T=address_directory
2013-06-13 10:42:32 1Un30E-0006qj-5x Completed
I don't understand the behaviour observed, and I wonder what I am
misconfiguring.
Thanks in advance for your help
Raph
#############################
defer
  message = 451 4.3.2 $sender_host_address is not yet authorized to deliver \
            mail from <$sender_address> to <$local_part@$domain>. \
            Please try later.
  log_message = greylisted (header) <$sender_address>.
  # !dnslists = list.dnswl.org
  !senders = : \
             LDAP_LOOKUP_RESULT
  !hosts = : +relay_from_hosts : \
           ${if exists {/etc/greylistd/whitelist-hosts}\
                       {/etc/greylistd/whitelist-hosts}{}} : \
           ${if exists {/var/lib/greylistd/whitelist-hosts}\
                       {/var/lib/greylistd/whitelist-hosts}{}}
  !authenticated = *
  !acl = acl_local_deny_exceptions
  domains = +local_domains : +relay_to_domains
  verify = recipient/callout=20s,use_sender,defer_ok
  condition = ${readsocket{/var/run/greylistd/socket}\
                          {--grey \
                           $sender_host_address \
                           $sender_address \
                           $local_part@$domain}\
                          {5s}{}{false}}
###########################
# warn #or accept
# domains = +local_domains
# dnslists = list.dnswl.org
# logwrite = $sender_host_address is whitelisted
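
The delivery problem that motivates the whitelist in this message, as an added example that is not part of the original post: a minimal Python model of greylisting keyed on the (host address, sender, recipient) triplet passed to `--grey` above, replayed against a sender that retries from a different address each time. The class, the retry interval and all addresses are constructed for illustration and do not reproduce greylistd's actual behaviour.

```python
"""Added example: triplet greylisting vs. a sender pool that retries from another IP."""

RETRY_MIN = 600  # seconds a new triplet must wait; constructed value for illustration


class Greylist:
    """Minimal model of triplet greylisting (IP, envelope sender, recipient)."""

    def __init__(self, whitelist=()):
        self.first_seen = {}             # triplet -> time of first attempt
        self.whitelist = set(whitelist)  # stand-in for a DNS whitelist lookup

    def check(self, ip, sender, rcpt, now):
        """Return 'accept' or 'defer' for one RCPT attempt at time `now`."""
        if ip in self.whitelist:         # exception evaluated before the grey test
            return "accept"
        first = self.first_seen.setdefault((ip, sender, rcpt), now)
        return "accept" if now - first >= RETRY_MIN else "defer"


def deliver(greylist, attempts):
    """Replay (time, ip) retries of one message; return the time it was accepted."""
    for now, ip in attempts:
        if greylist.check(ip, "user@sender.example", "rcpt@local.example", now) == "accept":
            return now
    return None  # still deferred after every attempt


# Constructed retry schedules using documentation addresses, not real mail hosts.
SAME_IP = [(0, "192.0.2.10"), (900, "192.0.2.10")]
ROTATING = [(0, "192.0.2.10"), (900, "198.51.100.7"), (1800, "203.0.113.5")]
POOL = {"192.0.2.10", "198.51.100.7", "203.0.113.5"}


def demo():
    """Acceptance time per scenario; None means the message never got through."""
    return {
        "same_ip": deliver(Greylist(), SAME_IP),
        "rotating": deliver(Greylist(), ROTATING),
        "rotating_whitelisted": deliver(Greylist(POOL), ROTATING),
    }


if __name__ == "__main__":
    print(demo())
```

Each retry from a new address creates a fresh triplet, so the rotating sender is deferred on every attempt unless the whitelist exception is evaluated before the greylist test.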