On Tue, 2007-02-06 at 15:54 +0100, Florian La Roche wrote:
> > Although it's useful to give examples of how to do such things, it's
> > also important not to make the _default_ configuration too baroque.
> > Debian gets this very wrong, which is why I've been slightly reluctant
> > to include more than the basics in the Fedora package. But these days I
> > suspect that greylisting _is_ counted amongst the basic requirements of
> > a public-facing mail server so I think I'll have to include it.
>
> Including this, but having it commented out sounds very good.
>
> > Would you (or anyone else, for that matter) be interested in being a
> > guinea pig to help me assess how easy it is for newbies to Exim to use
> > such a thing if I add it?
>
> I am ;-) I still run sendmail, but exim has been on my wishlist for
> a very long time now.
Ok, I've thrown together a fairly simple example of how to implement
greylisting in Exim. It's in exim-4.66-2.fc7, building in -devel now.
There's an 'exim-greylist' subpackage which contains a snippet of ACL
subroutine to do greylisting, along with a %post script to create the
sqlite tables, a cron job to expire old entries, etc. To use it, just
install the exim-greylist package, then edit /etc/exim/exim.conf and
uncomment the bits which refer to it.
By default, it only greylists mail which lacks a Message-Id: header.
There are examples in the config file which you can just uncomment and
tweak to trigger greylisting for other offences, including SA points,
RBLs, or you can just make it unconditional. As discussed, it remembers
the { IP, HELO } of any host which is observed to resend mail, and it
won't bother greylisting mail from that host again.
Please play with it and let me know if there are ways I could improve
it.
Packages (src and ppc; I don't have i386 rawhide to hand) at
http://david.woodhou.se/exim-greylist/
--
dwmw2
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
