Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: exim: users

add recipient of sent mail to greylistd as whitelisted

 

 

exim users RSS feed   Index | Next | Previous | View Threaded


w.fuertbauer at gmx

Aug 8, 2012, 3:38 AM

Post #1 of 4 (580 views)
Permalink
add recipient of sent mail to greylistd as whitelisted

dear group,

I'm using Tom Slettnes greylistd with exim and it's working pretty well.
In order to raise comfort for users, I'd like to add a whitelist entry
for recipients of mail leaving my domain.
Anybody an idea how to do that?

BR

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


Chris.Knadle at coredump

Aug 9, 2012, 7:04 PM

Post #2 of 4 (554 views)
Permalink
Re: add recipient of sent mail to greylistd as whitelisted [In reply to]

On Wednesday, August 08, 2012 06:38:57, Wolfgang Fürtbauer wrote:
> dear group,
>
> I'm using Tom Slettnes greylistd with exim and it's working pretty well.
> In order to raise comfort for users, I'd like to add a whitelist entry
> for recipients of mail leaving my domain.
> Anybody an idea how to do that?

greylistd whitelist entries typically take the form of:

<incoming IP address> <sending email addr> <recipient email addr>


but when you have email outbound on your server, you'll only have two of
these. In theory you could write an ACL rule that when an email is being sent
outbound by one of your users that outputs either to a script via a pipe or to
a program via dlfunc that makes a connection to greylistd to make a whitelist
entry.


Realistically I'd like to find a way to implement "whole server whitelisting"
which was brought up on this list recently. i.e. when an email is correctly
retried, a whitelist entry is made for that server or that source IP address.
Because for instance it's silly to greylist all of GMail, and doing so is just
a waste of resources on both sides -- and same with any other legitimate mail
server.

-- Chris

--
Chris Knadle
Chris.Knadle [at] coredump

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


exim-users at spodhuis

Aug 9, 2012, 7:59 PM

Post #3 of 4 (559 views)
Permalink
Re: add recipient of sent mail to greylistd as whitelisted [In reply to]

On 2012-08-09 at 22:04 -0400, Chris Knadle wrote:
> Realistically I'd like to find a way to implement "whole server whitelisting"
> which was brought up on this list recently. i.e. when an email is correctly
> retried, a whitelist entry is made for that server or that source IP address.
> Because for instance it's silly to greylist all of GMail, and doing so is just
> a waste of resources on both sides -- and same with any other legitimate mail
> server.

I encourage folks to take a look at two DNSxL whitelists:

* list.dnswl.org
-- the original one (AFAIK), fairly open
* swl.spamhaus.org
-- came out in 2010, invitation only presence, major players only

GMail's mailservers tend to make it into list.dnswl.org, I believe just
by community action, not through participation on Google's part (and
you're better off tracking reputation for Google's servers per-IP if
you're worried about the spam which does make it out).

Myself, I use something like:

accept !condition = WHITELIST_CACHE_LOOKUP
!dnslists = list.dnswl.org : swl.spamhaus.org
dnslists = zen.spamhaus.org
message = ....

where WHITELIST_CACHE_LOOKUP is an sqlite3 lookup against a DB populated
from server logs, so that known good senders stay whitelisted. (If
someone is actively whitelisted, that goes away much more rarely than a
temporary blacklist presence, rapidly fixed, so I aggressively cache,
since these lookups are in-path for much else).

That same !condition,!dnslists precedes a couple of other checks too, so
as to bypass things like greylisting.

-Phil

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


dlugo at etherboy

Aug 10, 2012, 7:17 PM

Post #4 of 4 (550 views)
Permalink
Re: add recipient of sent mail to greylistd as whitelisted [In reply to]

On 8/8/12 6:38 AM, "Wolfgang Fürtbauer" wrote:
> dear group,
>
> I'm using Tom Slettnes greylistd with exim and it's working pretty well.
> In order to raise comfort for users, I'd like to add a whitelist entry
> for recipients of mail leaving my domain.
> Anybody an idea how to do that?
>
> BR
>

Hi,

You might be interested in this:

https://lists.exim.org/lurker/message/20070831.135525.1da8be11.en.html

Best regards,

Dave


--
--------------------------------------------------------
Dave Lugo dlugo [at] etherboy No spam, thanks.
Are you the police? . . . No ma'am, we're sysadmins.
--------------------------------------------------------

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

exim users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.