Grey Listing

繁體中文版

[ Current Release 4.2.2-0 ] for Fedora 11


milter-greylist is now supported by Fedora starting from Fedora 7.


Anybody using email will definitely know what spam is, since spam has been inundating mail servers all over the world. If you are using the Linux OS to host your mail server, spamassassin is de rigueur for spam filtering. Although spamassassin is really a very good spam filter, it nevertheless requires a lot of system resources, especially it requires lots of RAM. Finding something that decreases usage of system resources should be ideal. And yes, there is such a thing called Grey Listing.

SpamAssassin uses whitelist and blacklist in filtering emails. But it does not support the third list which is greylist.

Grey listing, is a filtering method proposed by Evan Harris. The basic idea is that the MTA (Mail Transfer Agent) used by spam will not bother checking whether the remote mail server accepted or not the mail it has sent. RFC conformant MTA will resent the email if the remote mail server causes an error. It will continue to send the mail until it is received by the remote mail server.

So, what grey listing does is to reject the mail the first time it receives the mail. After waiting for a certain amount of time, if the same mail is resent, then grey listing will accept it. The idea seems to be very simple, yet according to a test done, grey listing can dispose 95% of spam. The remaining 5% can be given to spamassassin to process.

If you want to install milter-greylist, you must ascertain that you have sendmail, sendmail-cf, sendmail-devel, bison and flex installed. The required version of sendmail, sendmail-cf and sendmail-devel is >= 8.11. The version of sendmail that you are using should have support for the milter (mail filter) API. The sendmail package that comes with Redhat and Fedora meets these requirements.

Fedora 11 supports milter-greylist. Here I will describe how to install milter-greylist in Fedora 11.

Installation:

  1. milter-greylist in Fedora 11 requires the following packages and must be installed before milter-greylist:

  2. Install the following 2 milter-greylist rpm packages:

    After the installation, you should edit /etc/mail/greylist.conf to suit your needs. At least the following should be changed:

    1. The following line should be changed according to you own network setup:
      list "my network" addr { 127.0.0.1/8 10.0.0.0/8 192.0.2.0/24 }
    2. To greylist all incoming emails, the following 5 lines are not needed. Comment them by putting a # before the lines:
      list "grey users" rcpt { \
      user1@example.com \
      user2@example.com \
      user3@example.com \
      }
    3. Change this line:
            acl greylist list "grey users" delay 30m autowhite 3d
      to:
            acl greylist default delay 30m autowhite 3d
    4. Check your configuration file:
            /usr/sbin/milter-greylist -c
      You should get the message below, otherwise re-check your configuration file:
            config file "/etc/mail/greylist.conf" is okay

  3. Now we can start the milter-greylist service:

  4. This finishes the milter-greylist installation. But the whole work is not yet complete. You still need to tell sendmail that when it receives a mail, it should give the mail to milter-greylist to process. Edit /etc/mail/sendmail.mc and right after the line OSTYPE(`linux')dnl add the following lines:

  5. Create a new sendmail.cf
    m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
  6. Restart sendmail:
    service sendmail restart

This completes the installation. And congratulations! From now on, you will notice that the number of spam you are receiving has been greatly reduced. And as an added bonus, you will also notice that the number of virus infected emails entering your system is also reduced.

Fr. Visminlu Vicente L. Chua, S.J.
2005/02/11
Updated: 2011/06/04