Re: milter-greylist not blacklisting

On Thu, Sep 18, 2025 at 08:46:26PM -0600, Gary Aitken wrote:
> I have the following set in /usr/local/etc/greylist.conf:
> 
> racl blacklist domain /.*\.cn$/
> 
> but I am still seeing messages delivered after greylisting:

I'm no expert with milter-greylist regex (I mostly use simple fqdn and
similar for whitelists), so take this with a grain of salt...

Looking at some greylist.conf(5) examples, I usually see "@" included,
presumably for a less wide match, e.g. a couple regex cut-pastes:

     racl whitelist rcpt /@.*otherdomain\.org$/
     racl greylist rcpt /@.*mydomain\.org$/

It's kind of a longshot, but I might suggest trying your racl with
something like this:

     racl blacklist domain /@.*\.cn$/

Also, do you have "domainexact" set?

> Return-Path: <reportfjgiirsy@service.imrmyih.cn>
> Received: from service.imrmyih.cn ([160.30.55.96])
> Received: from 263.com (43.164.135.245) by service.imrmyih.cn ... (envelope-from <reportfjgiirsy@service.imrmyih.cn>)
> From: "visajapan" <reportfjgiirsy@service.imrmyih.cn>
> Message-ID: <20250919045636803510@service.imrmyih.cn>
> X-Greylist: inspected by milter-greylist-4.6.4 ... for IP:'160.30.55.96' DOMAIN:'[160.30.55.96]' HELO:'service.imrmyih.cn' FROM:'reportfjgiirsy@service.imrmyih.cn' RCPT:''
> X-Greylist: Delayed for 00:30:07 by milter-greylist-4.6.4
                          ^^^^^^^^

I think 30m(inutes) is the default greylist wait period unless you
explicitly configure one.


> The blacklist domain lines appear before the greylist.conf line adding the
> X-Greylist header, although I've also tried placing them after it.
> 
> Any ideas why this might be happening?
> I've tried blacklisting both "domain" and "from"
> I have no statements of the form:
> 
> racl greylist list "grey users" delay 30m autowhite 3d
> racl whitelist default
> 
> as I want greylist for everyone by default.