Greylisting and SMTP AUTH?

Vernon Schryver vjs@calcite.rhyolite.com
Sat Dec 20 19:24:28 UTC 2003


> From: Spike Ilacqua <spike@indra.com>

> I have the SMTP AUTH hack installed so that my roaming users can send
> mail without DCC getting involved.  Does this also apply to greylisting
> or will they be embargo?

`hackmc -T` should adjust sendmail.cf so not only SMTP-TLS but
SMTP-AUTH acts like whitelisting.  However, I suspect it does not.
It has been on my list to set up an SMTP server to do SMTP-AUTH
and see what happens.  If it works, I'd love to hear about it.
Otherwise, I'll have to figure out how to give sendmail and some
MUA some passwords.


] From: Spike Ilacqua <spike@indra.com>

] As I understand it Greylisting uses it's own whitelist.  So to allow
] local networks to bypass the embargo they would need to be in
] "grey_whitelist" and "dbclean -G" would need to be run?

That is all true if you use server-side whitelisting with greylisting.
Greylisting is turned off if either the greylist server (dccd) says
the message is whitelist or if the local, client-side whitelists say so.

With the recently added kludge to support large CDIR blocks, server-side
grey-white-listing seems unlikely to be useful.


] Also, what does it look like in userdirs? 

Yes, client-side whitelisting is done before the greylist server is
consulted.

]                                            Do messages get logged when
] they are first embargoed? 

Yes, unless you put "log no-grey" in a DCC client whitelist file.

]                            Can the user have a "grey_whitelist"?

Yes and no.  Messages that are whitelisted by a per-user whiteclnt
file are exempt from greylist, provide they are exempt for all targets.
If a message needs to be greylisted for at least one target address,
then it is greylist for all target addresses.   

This is another implication of the fact that the SMTP status response
to the DATA command applies to all targets.  An SMTP server can only
accept or reject a message for all targets as a group.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.