LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-12-2008, 11:09 AM   #1
anw
Member
 
Registered: Sep 2003
Location: Florida
Distribution: Debian
Posts: 94

Rep: Reputation: 15
Anyone using greylist for anti-spam?


I've had it up and running now for about a month, and nothing gets blacklisted, and it hasn't cut down on any spam. Here's the config file:

########################################################################
### FILE: /etc/greylistd/config
### PURPOSE: Configuration settings for the "greylistd(8)" daemon
########################################################################

[timeouts]
# Initial delay before previously unknown triplets are allowed to pass
# Default is 10 minutes = 600 seconds
retryMin = 3600

# Lifetime of triplets that have not been retried after initial delay
# Default is 8 hours = 28800 seconds
retryMax = 28800

# Lifetime of auto-whitelisted triplets that have allowed mail to pass
# Default is 60 days = 5,184,000 seconds
expire = 5184000


[socket]
# Path to the UNIX domain socket on which greylistd will listen.
# The parent directory must be writable by the user running 'greylistd'.
# Default path is "/var/run/greylistd/socket".
path = /var/run/greylistd/socket

# UNIX filemode of that socket. See "chmod(1)" for the meaning of this.
# Default mode is 0660.
mode = 0660


[data]
# Update interval -- save data to the filesystem if if has been more
# than this many seconds (default 600) since the last save.
update = 600

# Path to the file containing the current state of each data item (triplet),
# along with some general statistics.
# Default is "/var/lib/greylistd/states".
statefile = /var/lib/greylistd/states

# Path to the file that will contain the original, unhashed data for the
# "list" command. Default is "/var/lib/greylistd/triplets".
tripletfile = /var/lib/greylistd/triplets

# Whether or not to retain unhashed triplets, for the "list" command.
# Default is "true"
savetriplets = true

# Whether check/update also checks for an whitelist entry, which only
# contains the first word of the triplet, that is the IP address usually.
# If set to true, you can also insert general IP addresses/networks into the
# whitelist, without email addresses.
singlecheck = false

# Whether update only inserts the first word of the triplet into the
# whitelist, that is the IP address usually. Meant to be used in
# conjunction with singlecheck = true.
singleupdate = false

########## End greylist config #######################

I even emailed the author (since he published his email address and invited users with question to do so), but, of course, got no reply. I haven't seen this in any forums, and am wondering if anyone is using it.

TIA,
-- anw --
 
Old 12-15-2008, 10:43 PM   #2
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
Greylisting is quite a common tool that forms part of the defense against spam. But to have it do any good, it must be integrated with the mail-receiving daemon. You don't say which mail-handling system you use, but it would be a good idea to check your /var/log/maillog (or equivalent) to see if there are ever any uses of the greylisting facility that you have installed. It is entirely possible that you have a correctly-installed greylist daemon that is not being referenced.

I use Postfix, and integration with that system is pretty straightforward; the process is described here. Other mailer daemons will have different integration procedures, but the scheme is the same: all incoming mail is routed through the greylistd daemon, which returns either a yea or a nay. The mailer daemon then either accepts or rejects the incoming mail connection. When I first installed this daemon, about 75% of my incoming mail was rejected (essentially all spam). So you should definitely see a difference if it is working.

BTW, if you are not also using the Spamhaus blacklisting servers, I recommend them as well. I have had almost no trouble with false hits, their lists of known spammer addresses seem to be kept quite up-to-date.
 
Old 12-20-2008, 11:42 AM   #3
anw
Member
 
Registered: Sep 2003
Location: Florida
Distribution: Debian
Posts: 94

Original Poster
Rep: Reputation: 15
Hey, thanks for the reply! Sorry I've been off-line for a while.

I use exim4,and I can see it grey listing in the log files, but the blacklist remains empty. I've adjusted the time for retries from the default 10 mins to 60 mins, no change. Here's what the statistics part of the /var/lib/greylistd/states file says:
Quote:
[statistics]
start = 1227410424
white = 1891
black = 0
grey = 17938
lastsave = 1229793852
Note black = 0.

And, yes, I've just recently started using Spamhaus, and have found as you that it works very well. The config how-to I used also had several others listed, and, as near as I can tell, they are all pretty good.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Mandriva Postfix Anti-Spam, Anti-Virus Relay Server for Exchange Server 2000/2003 LXer Syndicated Linux News 0 06-29-2006 10:21 AM
Anti Virus/ Anti Spam for Linux? Sp@rticus Linux - Software 3 11-18-2005 02:17 AM
What other anti-spam for Linux that can be used, other than Spam assassin? johnportiz Linux - Software 6 01-27-2004 03:17 AM
Best Anti-spam and Anti-virus application? vittibaby Linux - Newbie 6 10-21-2003 07:21 AM
Creating an ultimate anti-virus and anti-spam email gateway markcc Linux - Networking 2 10-08-2003 03:10 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration