Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
12-12-2008, 11:09 AM
|
#1
|
Member
Registered: Sep 2003
Location: Florida
Distribution: Debian
Posts: 94
Rep:
|
Anyone using greylist for anti-spam?
I've had it up and running now for about a month, and nothing gets blacklisted, and it hasn't cut down on any spam. Here's the config file:
########################################################################
### FILE: /etc/greylistd/config
### PURPOSE: Configuration settings for the "greylistd(8)" daemon
########################################################################
[timeouts]
# Initial delay before previously unknown triplets are allowed to pass
# Default is 10 minutes = 600 seconds
retryMin = 3600
# Lifetime of triplets that have not been retried after initial delay
# Default is 8 hours = 28800 seconds
retryMax = 28800
# Lifetime of auto-whitelisted triplets that have allowed mail to pass
# Default is 60 days = 5,184,000 seconds
expire = 5184000
[socket]
# Path to the UNIX domain socket on which greylistd will listen.
# The parent directory must be writable by the user running 'greylistd'.
# Default path is "/var/run/greylistd/socket".
path = /var/run/greylistd/socket
# UNIX filemode of that socket. See "chmod(1)" for the meaning of this.
# Default mode is 0660.
mode = 0660
[data]
# Update interval -- save data to the filesystem if if has been more
# than this many seconds (default 600) since the last save.
update = 600
# Path to the file containing the current state of each data item (triplet),
# along with some general statistics.
# Default is "/var/lib/greylistd/states".
statefile = /var/lib/greylistd/states
# Path to the file that will contain the original, unhashed data for the
# "list" command. Default is "/var/lib/greylistd/triplets".
tripletfile = /var/lib/greylistd/triplets
# Whether or not to retain unhashed triplets, for the "list" command.
# Default is "true"
savetriplets = true
# Whether check/update also checks for an whitelist entry, which only
# contains the first word of the triplet, that is the IP address usually.
# If set to true, you can also insert general IP addresses/networks into the
# whitelist, without email addresses.
singlecheck = false
# Whether update only inserts the first word of the triplet into the
# whitelist, that is the IP address usually. Meant to be used in
# conjunction with singlecheck = true.
singleupdate = false
########## End greylist config #######################
I even emailed the author (since he published his email address and invited users with question to do so), but, of course, got no reply. I haven't seen this in any forums, and am wondering if anyone is using it.
TIA,
-- anw --
|
|
|
12-15-2008, 10:43 PM
|
#2
|
Member
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407
Rep:
|
Greylisting is quite a common tool that forms part of the defense against spam. But to have it do any good, it must be integrated with the mail-receiving daemon. You don't say which mail-handling system you use, but it would be a good idea to check your /var/log/maillog (or equivalent) to see if there are ever any uses of the greylisting facility that you have installed. It is entirely possible that you have a correctly-installed greylist daemon that is not being referenced.
I use Postfix, and integration with that system is pretty straightforward; the process is described here. Other mailer daemons will have different integration procedures, but the scheme is the same: all incoming mail is routed through the greylistd daemon, which returns either a yea or a nay. The mailer daemon then either accepts or rejects the incoming mail connection. When I first installed this daemon, about 75% of my incoming mail was rejected (essentially all spam). So you should definitely see a difference if it is working.
BTW, if you are not also using the Spamhaus blacklisting servers, I recommend them as well. I have had almost no trouble with false hits, their lists of known spammer addresses seem to be kept quite up-to-date.
|
|
|
12-20-2008, 11:42 AM
|
#3
|
Member
Registered: Sep 2003
Location: Florida
Distribution: Debian
Posts: 94
Original Poster
Rep:
|
Hey, thanks for the reply! Sorry I've been off-line for a while.
I use exim4,and I can see it grey listing in the log files, but the blacklist remains empty. I've adjusted the time for retries from the default 10 mins to 60 mins, no change. Here's what the statistics part of the /var/lib/greylistd/states file says:
Quote:
[statistics]
start = 1227410424
white = 1891
black = 0
grey = 17938
lastsave = 1229793852
|
Note black = 0.
And, yes, I've just recently started using Spamhaus, and have found as you that it works very well. The config how-to I used also had several others listed, and, as near as I can tell, they are all pretty good.
|
|
|
All times are GMT -5. The time now is 04:35 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|