1. dnslists is used in blacklisting, not greylisting.
2. If you say sometimes it has problems with gmail, I'd simply add
!sender_domains = gmail.com
..which would take care of gmail.com
PS: I did not read your rules to understand what they do. I only tried to
answer your question.
On 13 June 2013 12:15, Raphael Bauduin <rblists@???> wrote:
> Hi,
>
> I'm working on a working greylisting setup, but it currently has some
> trouble with mail coming from gmail, because the different delivery
> attempts may use different IP addresses. that's why I wanted to add a
> whitelist check.
>
> To the defer directive (see bottom for the complete directive), I add the
> whitelist exception:
>
> !dnslists = list.dnswl.org
>
> and I also add an accept directive (I also tested with a warn directive)
>
> accept #or warn
> domains = +local_domains
> dnslists = list.dnswl.org
> logwrite = $sender_host_address is whitelisted
>
> When I send a mail from gmail, which is in the whitelist, I see this in the
> logs:
> 2013-06-13 10:35:30 skip defer greylist (header) <...@gmail.com> for
> <...@...>.
> 2013-06-13 10:35:30 209.85.219.45 is whitelisted
>
> So the new config is applied, but no further processing of the mail happens
> after that.
>
> It seems it is only when I restart exim with the old working config that
> the mail is delivered after some time.
> Notice that the greylist test does not take place anymore though. Here are
> the logs for the same mail:
>
> 2013-06-13 10:42:27 1Un30E-0006qj-5x DKIM: d=gmail.com s=20120113
> c=relaxed/relaxed a=rsa-sha256 [invalid - public key record (currently?)
> unavailable]
> 2013-06-13 10:42:27 1Un30E-0006qj-5x skip defer greylist (data) <...@
> gmail.com> for <...@...>
> 2013-06-13 10:42:29 1Un30E-0006qj-5x SA: Debug: SAEximRunCond expand
> returned: '1'
> 2013-06-13 10:42:29 1Un30E-0006qj-5x SA: Debug: check succeeded, running
> spamc
> 2013-06-13 10:42:32 1Un30E-0006qj-5x SA: Action: scanned but message isn't
> spam: score=-0.7 required=5.0 (scanned in 3/3 secs | Message-Id: ...@
> mail.gmail.com). From <...@gmail.com>
> (host=mail-oa0-f45.google.com[209.85.219.45]) for ...@...
> 2013-06-13 10:42:32 1Un30E-0006qj-5x <= ...@gmail.com H=
> mail-oa0-f45.google.com [209.85.219.45] P=esmtps
> X=TLS1.0:RSA_ARCFOUR_SHA1:16 S=4236 id=...@mail.gmail.com
> 2013-06-13 10:42:32 1Un30E-0006qj-5x => /mnt/mail/dest.... <... @...>
> R=userforward T=address_directory
> 2013-06-13 10:42:32 1Un30E-0006qj-5x Completed
>
>
> I don't understand the behaviour observed, and I wonder what I am
> misconfiguring.
>
> Thanks in advance for your help
>
> Raph
>
>
>
> #############################
> defer
> message = 451 4.3.2 $sender_host_address is not yet authorized
> to deliver \
> mail from <$sender_address> to <$local_part@$domain>.
> \
> Please try later.
> log_message = greylisted (header) <$sender_address>.
> # !dnslists = list.dnswl.org
> !senders = : \
> LDAP_LOOKUP_RESULT
> !hosts = : +relay_from_hosts : \
> ${if exists {/etc/greylistd/whitelist-hosts}\
> {/etc/greylistd/whitelist-hosts}{}} : \
> ${if exists {/var/lib/greylistd/whitelist-hosts}\
> {/var/lib/greylistd/whitelist-hosts}{}}
> !authenticated = *
> !acl = acl_local_deny_exceptions
> domains = +local_domains : +relay_to_domains
> verify = recipient/callout=20s,use_sender,defer_ok
> condition = ${readsocket{/var/run/greylistd/socket}\
> {--grey \
> $sender_host_address \
> $sender_address \
> $local_part@$domain}\
> {5s}{}{false}}
>
> ###########################
> # warn #or accept
> # domains = +local_domains
> # dnslists = list.dnswl.org
> # logwrite = $sender_host_address is whitelisted
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."