milter-greylist is a sendmail milter which implements the greylist filtering method, as proposed by Evan Harris.
Greylisting works by assuming that, unlike legitimate MTA, spam engines will not retry sending their junk mail on a temporary error. The filter will always reject mail temporarily on a first attempt, then accept it after some time has elapsed.
So this method of greylisting works very well if used with a combination of DNS-Based Blacklisting as the spammer would have gotten blacklisted in several real-time distributed black lists before the second attempt and effectively reducing spam emails.
Below is an outline of quickly building and installing the greylist milter and configuring sendmail to use the milter. This was done on a RHEL3 box.
-
Install sendmail-devel (to include libmilter) along with flex and bison rpm packages.
# up2date --install sendmail-devel flex bison
Download the stable release and build rpm of milter-greylist.
Reference: rpmbuild
$ wget ftp://ftp.espci.fr/pub/milter- greylist/milter-greylist-2.0.2 .tgz
$ rpmbuild -tb milter-greylist-2.0.2.tgz
Once the rpm is built, install via:
# rpm -ivh milter-greylist-2.0.2-1.i386.r pm
Setup it up to startup at boot:
# chkconfig milter-greylist on
Go through the default "/etc/mail/greylist.conf" configuration file, edit it and add addr lines for at least localhost and all your local network addresses. Here is an example:
acl whitelist addr 127.0.0.0/8
acl whitelist addr 192.0.2.0/24
acl whitelist addr 10.0.0.0/8
Type "man greylist.conf" for more information on the syntax. Start and test the milter. Check the maillog for any errors...
# tail -f /var/log/maillog
# services start milter-greylist
Modify sendmail.mc file to configure sendmail to use the milter.
INPUT_MAIL_FILTER(`greylist 39;,`S=local:/var/milter-greyl ist/milter-greylist.sock' )
Note: The single quotation marks are not all the same -- the first quotation mark in each pair is a backquote, the second is an apostrophe.
The line should be placed just after the dnsbl checks to work effectively. Here is how mine currently looks like:
# Start DNSBL BlockList
FEATURE(`dnsbl', `relays.ordb.org', `"554 Rejected "$&{client_addr}" ; - see http://ordb.org/"')d nl
FEATURE(`dnsbl', `bl.spamcop.net', `"554 Spam blocked - see http://spamcop.net/bl.shtml?&q uot;$&{client_addr}') dnl
FEATURE(`dnsbl', `dnsbl.sorbs.net', `"554 Rejected "$&{client_addr}" ; - see http://dnsbl.sorbs.net" 039;)dnl
FEATURE(`dnsbl', `cbl.abuseat.org', `"554 Rejected "$&{client_addr}" ; - see http://cbl.abuseat.org" 039;)dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `"554 Rejected "$&{client_addr}" ; - see http://www.spamhaus.org/SBL/&q uot;')dnl
# End DNSBL BlockList
# Start Greylisting
INPUT_MAIL_FILTER(`greylist& #039;, `S=local:/var/milter-greylist/ milter-greylist.sock')dnl
# End Greylisting
Use m4 to rebuild your sendmail.cf file from your modified sendmail.mc file.
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Restart sendmail:
# service sendmail restart
Try sending mail from another server and check "/var/log/maillog" file for 'Greylisting in action' to verify the installation.
# grep 'Greylisting in action' /var/log/maillog
With greylisting in place, I have about a couple emails that get through the milter but is effectively tagged as SPAM by SpamAssassin and has my Inbox free of Spam!!
Related Links:
- sandip's blog
- Login or register to post comments
Comments
Spamhaus now have a new BL name called zen.spamhaus.org that will replace sbl-xbl.
"zen" will include sbl+xbl and also "pbl" list, which is a list of "Non-MTA IP address ranges set by the block owner's outbound mail policy". So an ISP/email admin can voluntarily submit a range of IP's on their network which are not allowed to send email.
Here's a brief from their site:
You can get more info at: http://www.spamhaus.org/zen/
Here's the md5sum with download link:
eb448ba2ab1af64d366e75e16d7f97 6a -- milter-greylist-2.0.2-1.i386.r pm
Built with smmsp user on RHEL3:
# rpmbuild -tb --define "build_user smmsp" milter-greylist-3.0.tgz
md5sum: f15 milter-greylist-3.0-1.i386.rpm
0e93358a6292462766df031b6861f
If you are using SIM to monitor your services, then below is simple "greylist.mod" you can add to the modules folder to monitor milter-greylist:
#sim_modv3x
#disable
proc_chkapp=1
init_name=milter-greylist
/>run_name=milter-greylist
serv_init $init_name $run_name 3
Turn the monitoring on by specifying it in the mods.control file:
init.greylist on