В предыдущей статье я описывал как ставил грейлист на тазик с панелью directadmin на CentOS-е.
Нашел время написать как я ставил greylist под debian
Итак, имеем: Debian Lenny, DirectAdmin, exim из комплекта панели. Потребуется установить демон greylistd и после чуть подправить конфиг ексима.
Приступаем:
aptitude update aptitude install greylistd
Теперь необходимо поправить конфиг ексима. Ищем первый accept в acl_smtp_rcpt и добавляем перед ним:
[eng]Now need to change exim.conf. Find first ‘accept' in ‘acl_smtp_rcpt' and add before:
# GreyListing defer message = Sender verification for $sender_host_address in progress. Please try later. log_message = greylisted. !senders = : !hosts = : +relay_hosts : +whitelist_hosts : +whitelist_hosts_ip !authenticated = * !domains = : ${if exists {/etc/greylistd/skip-greylist}\ {/etc/greylistd/skip-greylist}{}} domains = +local_domains : +relay_domains verify = recipient/callout=20s,use_sender,defer_ok condition = ${readsocket{/var/run/greylistd/socket}\ {--grey \ $sender_host_address \ $sender_address \ @$domain}\ {5s}{}{false}} deny message = $sender_host_address is blacklisted log_message = blacklisted. !senders = : !authenticated = * verify = recipient/callout=20s,use_sender,defer_ok condition = ${readsocket{/var/run/greylistd/socket}\ {--black \ $sender_host_address \ $sender_address \ $local_part@$domain}\ {5s}{}{false}}
Далее, ищем в ACL acl_smtp_data первый accept и вставляем перед ним:
Next, find first ‘accept' in ACL acl_smtp_data and add before this code:
defer message = Sender verification for $sender_host_address in progress. Please try later. log_message = greylisted. senders = : !hosts = : +relay_hosts : +whitelist_hosts : +whitelist_hosts_ip !authenticated = * condition = ${readsocket{/var/run/greylistd/socket}\ {--grey \ $sender_host_address \ $recipients}\ {5s}{}{false}} deny message = $sender_host_address is blacklisted from delivering \ mail from <$sender_address> to <$recipients>. log_message = blacklisted. !senders = : !authenticated = * condition = ${readsocket{/var/run/greylistd/socket}\ {--black \ $sender_host_address \ $recipients}\ {5s}{}{false}}
В файле /etc/greylistd/skip-greylist можно прописать домены (локальные) для которых не включать грейлистинг. Формат файла простой – один домен на строчку.
Вот собственно все.
In file /etc/greylistd/skip-greylist you can write whitelisted domains. One domain per line.
Если будет свободное время, напишу как прикрутить DSPAM + Exim + Directadmin
can you please attach an example config or translate this article in english, it would be very appreciated
thanks for the good work!
hi.
You can use google translator (translate.google.com)
Anyway i added english comments to article.
Have fun 🙂
google translator worked almost well … the only part that was confusing me is where to insert the modifications in exim.conf, now it’s quite clear and if you want now i can write a guide in english
thanks a lot
You are welcome.
I’m glad that this article help you. And of course you can write this guide in english.
here I am i wrote two howtos one in english and one in italian, here they are:
http://www.codelime.net/Howto/DirectAdmin/Attivare_le_RBL_e_greylist_per_exim/ [Italian]
http://www.codelime.net/Howto/DirectAdmin/Activate_RBL_and_greylist_on_exim_debiam_directadmin/ [English]
You have wrote great How-to.
I have check you article and found that you didn’t tell to readers about whitelisting domains in greylist part.
From my article:
“In file /etc/greylistd/skip-greylist you can write whitelisted domains. One domain per line.”
Thanks. 🙂
you’re right i’ve also forgot to say that i wrote a little php script to run in cron which download a public whitelist from http://users.aber.ac.uk/auj/spam/iplist.txt and automatically put it into greylistg … i’ll update it as soon as possible.
howtos updated if you wanna have a look to the php script 😉
thanks for all