bypassing greylisting for road-warriors?

Vernon Schryver vjs@calcite.rhyolite.com
Wed Sep 20 17:00:40 UTC 2006


> From: Sam Leffler 

> I have my sendmail.cf setup so that SMTP clients that use SMTP AUTH
> and/or connect with a verified TLS cert have mail marked as !spam.  But
> these clients still get hit with greylisting.  Is there a way to arrange
> for them to bypass greylisting too?

If sendmail.cf has been generated with `/var/dcc/libexec/hackmc -T`
and if sendmail's answer is consulted first thanks to a 
    option MTA-first
line in the global or a per-user whiteclnt file, then greylisting should
be turned off for varified TLS or SMTP-AUTH results.

"option MTA-first" is handy because it lets per-user whiteclnt files
override sendmail access_DB.  It lets users accept mail from major
sources of spam listed in a system's global access_DB.  "option MTA-last"
is the default for historical if no other reasons.


However, this patch to the 1.3.42 and 2.3.42 source might make verified
SMTP TLS and SMTP AUTH results turn off greylisting regardless of the
MTA-first or MTA-last setting.  I would appreciate hearing one way or
the other.

*** thrlib/old-cmn.c	Wed Sep 20 10:48:08 2006
--- thrlib/cmn.c	Wed Sep 20 10:36:41 2006
*************** cmn_ask_white(CMN_WORK *cwp, u_char mta_
*** 1587,1593 ****
  		    || grey_query_only
  		    || mta_grey_query)
  			grey_op = DCC_OP_GREY_QUERY;
! 		else if (rcpt_st->fgs & RCPT_FG_WHITE)
  			grey_op = DCC_OP_GREY_WHITE;
  		else
  			grey_op = DCC_OP_GREY_REPORT;
--- 1587,1594 ----
  		    || grey_query_only
  		    || mta_grey_query)
  			grey_op = DCC_OP_GREY_QUERY;
! 		else if ((rcpt_st->fgs & RCPT_FG_WHITE)
! 			 || (cwp->ask_st & ASK_ST_MTA_NOTSPAM))
  			grey_op = DCC_OP_GREY_WHITE;
  		else
  			grey_op = DCC_OP_GREY_REPORT;




Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.