-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathgreylist.conf
142 lines (130 loc) · 5.28 KB
/
greylist.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
#
# Simple greylisting config file using the new features
# See greylist2.conf for a more detailed list of available options
#
# $Id: greylist.conf,v 1.46 2009/02/12 22:38:20 manu Exp $
#
pidfile "/var/run/milter-greylist.pid"
socket "/var/milter-greylist/milter-greylist.sock"
dumpfile "/var/milter-greylist/greylist.db" 600
dumpfreq 1
user "smmsp"
# Log milter-greylist activity to a file
#stat ">>/var/milter-greylist/greylist.log" \
# "%T{%Y/%m/%d %T} %d [%i] %r -> %f %S (ACL %A) %Xc %Xe %Xm %Xh\n"
# Same, sent to syslog
#stat "|logger -p local7.info" \
# "%T{%Y/%m/%d %T} %d [%i] %r -> %f %S (ACL %A) %Xc %Xe %Xm %Xh"
# Be verbose (or use -v flag)
#verbose
# Do not tell spammer how long they have to wait
quiet
# MX peering
#peer 192.0.2.17
#peer 192.0.2.18
# Your own network, which should not suffer greylisting
list "my network" addr { 127.0.0.1/8 10.0.0.0/8 192.0.2.0/24 }
# This is a list of broken MTAs that break with greylisting. Derived from
# http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16
list "broken mta" addr { \
12.5.136.141/32 \ # Southwest Airlines (unique sender)
12.5.136.142/32 \ # Southwest Airlines
12.5.136.143/32 \ # Southwest Airlines
12.5.136.144/32 \ # Southwest Airlines
12.107.209.244/32 \ # kernel.org (unique sender)
12.107.209.250/32 \ # sourceware.org (unique sender)
63.82.37.110/32 \ # SLmail
63.169.44.143/32 \ # Southwest Airlines
63.169.44.144/32 \ # Southwest Airlines
64.7.153.18/32 \ # sentex.ca (common pool)
64.12.136.0/24 \ # AOL (common pool)
64.12.137.0/24 \ # AOL
64.12.138.0/24 \ # AOL
64.124.204.39 \ # moveon.org (unique sender)
64.125.132.254/32 \ # collab.net (unique sender)
64.233.160.0/19 \ # Google
66.94.237.16/28 \ # Yahoo Groups servers (common pool)
66.94.237.32/28 \ # Yahoo Groups servers (common pool)
66.94.237.48/30 \ # Yahoo Groups servers (common pool)
66.100.210.82/32 \ # Groupwise?
66.135.192.0/19 \ # Ebay
66.162.216.166/32 \ # Groupwise?
66.206.22.82/32 \ # Plexor
66.206.22.83/32 \ # Plexor
66.206.22.84/32 \ # Plexor
66.206.22.85/32 \ # Plexor
66.218.66.0/23 \ # Yahoo Groups servers (common pool)
66.218.67.0/23 \ # Yahoo Groups servers (common pool)
66.218.68.0/23 \ # Yahoo Groups servers (common pool)
66.218.69.0/23 \ # Yahoo Groups servers (common pool)
66.27.51.218/32 \ # ljbtc.com (Groupwise)
66.102.0.0/20 \ # Google
66.249.80.0/20 \ # Google
72.14.192.0/18 \ # Google
74.125.0.0/16 \ # Google
152.163.225.0/24 \ # AOL
194.245.101.88/32 \ # Joker.com
195.235.39.19/32 \ # Tid InfoMail Exchanger v2.20
195.238.2.0/24 \ # skynet.be (wierd retry pattern, common pool)
195.238.3.0/24 \ # skynet.be
195.46.220.208/32 \ # mgn.net
195.46.220.209/32 \ # mgn.net
195.46.220.210/32 \ # mgn.net
195.46.220.211/32 \ # mgn.net
195.46.220.221/32 \ # mgn.net
195.46.220.222/32 \ # mgn.net
195.238.2.0/24 \ # skynet.be (wierd retry pattern)
195.238.3.0/24 \ # skynet.be
204.107.120.10/32 \ # Ameritrade (no retry)
205.188.0.0/16 \ # AOL
205.206.231.0/24 \ # SecurityFocus.com (unique sender)
207.115.63.0/24 \ # Prodigy - retries continually
207.171.168.0/24 \ # Amazon.com
207.171.180.0/24 \ # Amazon.com
207.171.187.0/24 \ # Amazon.com
207.171.188.0/24 \ # Amazon.com
207.171.190.0/24 \ # Amazon.com
209.132.176.174/32 \ # sourceware.org mailing lists (unique sender)
209.85.128.0/17 \ # Google
211.29.132.0/24 \ # optusnet.com.au (wierd retry pattern)
213.136.52.31/32 \ # Mysql.com (unique sender)
216.33.244.0/24 \ # Ebay
216.239.32.0/19 \ # Google
217.158.50.178/32 \ # AXKit mailing list (unique sender)
}
# List of users that want greylisting
list "grey users" rcpt { \
}
# Give this a try if you enabled DNSRBL
#dnsrbl "SORBS DUN" dnsbl.sorbs.net 127.0.0.10
#dnsrbl "SBL" sbl-xbl.spamhaus.org 127.0.0.2
#dnsrbl "CBL" sbl-xbl.spamhaus.org 127.0.0.4
#dnsrbl "NJABL" sbl-xbl.spamhaus.org 127.0.0.5
#dnsrbl "PBL" zen.spamhaus.org 127.0.0.10/31
#dnsrbl "MTAWL" list.dnswl.org 127.0.0.0/16
# Here is an example of user preference pulled from a LDAP directory
# (requires building --with-libcurl). If the milterGreylistStatus
# attribute is set to TRUE, then $usrRBL will be usable later in the
# ACL and will carry the values of the usrRBL attribute.
# urlcheck "userpref" \
# "ldap://localhost/dc=example,dc=net?milterGreylistStatus,usrRBL?one?mail=%r" \
# 30 getprop clear fork
# And here is the access list
racl whitelist list "my network"
racl whitelist list "broken mta"
#racl whitelist dnsrbl "MTAWL"
#racl blacklist urlcheck "userpref" $usrRBL "CBL" dnsrbl "CBL" \
# msg "Sender IP caught in CBL blacklist"
#racl blacklist $usrRBL "SBL" dnsrbl "BBL" \
# msg "Sender IP caught in SBL blacklist"
#racl blacklist $usrRBL "NJABL" dnsrbl "NJABL" \
# msg "Sender IP caught in NJABL blacklist"
#racl greylist list "grey users" dnsrbl "SORBS DUN" delay 24h autowhite 3d
racl greylist list "grey users" delay 30m autowhite 3d
racl whitelist default
# Example of content filtering for fighting image SPAM
#dacl blacklist body /src[:blank:]*=(3D)?[:blank:]*["']?[:blank:]*cid:/ \
# msg "Sorry, We do not accept images embedded in HTML"