trying to greylist only

john crawford
Mon May 8 01:29:14 UTC 2006

At 06:49 PM 5/7/2006, Vernon Schryver wrote:
> > From: john crawford
> > In testing, I'm getting dcc server bulkiness lookups
> > when I'm trying to ONLY use greylisting functionality with grey-query.
> > So if a message meets reject criterion (like, perhaps, MANY),  I'll not
> > greylist reject if the . Since I
> > have grey-query on the dccifd invocation text, I expect only
> > greylisting to be active.
> > as in
> > " body no-reject rcvd-nxt grey-query"
> > I have
> >
> > I'm hoping to test implement grey-query with the local grey server
> > referenced, yet suppress network dcc server lookups. I'm missing
> > something.
>I understand neither the goal nor what undesirable things are happening.
>Qeury-only greylisting is unlikely to be of any use except for testing
>and diagnosing problems.  Greylist embargoes can never end with grey-query,
>because "query" implies "don't change the database," and that implies
>not adding the records that say when the embargo started.  With query-only,
>every message will be met with an "embargo #1"
>With the normal settings, greylisting (i.e. 4yz rejection) is done only
>if the message is not determined to be spam by other tests including
>the normal DCC threshold (e.g. MANY).

Vernon, Thank you for the reply.

My goal was to allow the greylist algorithm to stop spammer messages based
on machines that don't retry. It wasn't my goal to permit messages 
that came from
these same machines, yet tested as bulk, to be accepted. I wanted to
use (test) your greylisting functionality independently of dcc metric 

I made some changes based on your comments and have
desirable results.  I was misunderstanding some of the docs.
I had interpreted
grey-query: only query the greylist server for this message.

to mean "don't query a dcc server for this message, only a greylist server"

rather than

"for this message query but don't update the greylist server state"

The per user whiteclnt "option dcc-off" which you highlighted
does, in fact, contribute to what I was hoping to achieve.

>The scripts in /var/dcc/cgi-bin are a proof-of-concept CGI interface that
>allow users to monitor their log files and maintain their whiteclnt files.

Yes, I have been using them and they are a helpful tool for my


>Vernon Schryver
>DCC mailing list

More information about the DCC mailing list

Contact by mail or use the form.