Exim + Greylist + Directadmin

В предыдущей статье я описывал как ставил грейлист  на тазик с панелью на CentOS-е.

Нашел время написать как я ставил   под
Итак, имеем: Debian Lenny, DirectAdmin, из комплекта панели. Потребуется установить демон greylistd и после чуть подправить конфиг ексима.
Приступаем:

aptitude update
aptitude install  greylistd

Теперь необходимо поправить конфиг ексима. Ищем первый accept  в acl_smtp_rcpt и добавляем перед ним:
[eng]Now need to change exim.conf. Find first ‘accept' in ‘acl_smtp_rcpt' and add before:

# GreyListing
    defer   message    = Sender verification for $sender_host_address in progress. Please try later.
        log_message    = greylisted.
        !senders       = :
        !hosts         = : +relay_hosts : +whitelist_hosts : +whitelist_hosts_ip
        !authenticated = *
        !domains       = : ${if exists {/etc/greylistd/skip-greylist}\
                                 {/etc/greylistd/skip-greylist}{}}
        domains        = +local_domains : +relay_domains
        verify         = recipient/callout=20s,use_sender,defer_ok
        condition      = ${readsocket{/var/run/greylistd/socket}\
                            {--grey \
                                  $sender_host_address \
                                  $sender_address \
                                  @$domain}\
                              {5s}{}{false}}

    deny   message = $sender_host_address is blacklisted
        log_message = blacklisted.
        !senders       = :
        !authenticated = *
        verify         = recipient/callout=20s,use_sender,defer_ok
        condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--black \
                                  $sender_host_address \
                                  $sender_address \
                                  $local_part@$domain}\
                                 {5s}{}{false}}

Далее, ищем в ACL acl_smtp_data первый accept и вставляем перед ним:
Next, find first ‘accept' in ACL acl_smtp_data and add before this code:

     defer
        message        = Sender verification for $sender_host_address in progress. Please try later.
        log_message    = greylisted.
        senders        = :
        !hosts         = : +relay_hosts : +whitelist_hosts : +whitelist_hosts_ip
        !authenticated = *
        condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--grey \
                                  $sender_host_address \
                                  $recipients}\
                                  {5s}{}{false}}

    deny
        message = $sender_host_address is blacklisted from delivering \
                     mail from <$sender_address> to <$recipients>.
        log_message   = blacklisted.
        !senders       = :
        !authenticated = *
        condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--black \
                                  $sender_host_address \
                                  $recipients}\
                                  {5s}{}{false}}

В файле /etc/greylistd/skip-greylist можно прописать домены (локальные) для которых не включать грейлистинг. Формат файла простой – один домен на строчку.
Вот собственно все.

In file /etc/greylistd/skip-greylist you can write whitelisted domains. One domain per line.

Если будет свободное время, напишу как прикрутить DSPAM  + Exim + Directadmin

8 comments on “Exim + Greylist + Directadmin

  1. google translator worked almost well … the only part that was confusing me is where to insert the modifications in exim.conf, now it’s quite clear and if you want now i can write a guide in english

    thanks a lot

  2. You have wrote great How-to.

    I have check you article and found that you didn’t tell to readers about whitelisting domains in greylist part.
    From my article:
    “In file /etc/greylistd/skip-greylist you can write whitelisted domains. One domain per line.”

    Thanks. 🙂

Залишити відповідь до admin Скасувати відповідь

Ваша e-mail адреса не оприлюднюватиметься. Обов’язкові поля позначені *

*