Re: milter-greylist not blacklisting
- Reply: Steve Rikli : "Re: milter-greylist not blacklisting"
- In reply to: Steve Rikli : "Re: milter-greylist not blacklisting"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 19 Sep 2025 19:47:34 UTC
On 9/18/25 21:21, Steve Rikli wrote: > On Thu, Sep 18, 2025 at 08:46:26PM -0600, Gary Aitken wrote: >> I have the following set in /usr/local/etc/greylist.conf: >> >> racl blacklist domain /.*\.cn$/ >> >> but I am still seeing messages delivered after greylisting: ... > Looking at some greylist.conf(5) examples, I usually see "@" > included, presumably for a less wide match, e.g. a couple regex cut- > pastes: > > racl whitelist rcpt /@.*otherdomain\.org$/ racl greylist rcpt / > @.*mydomain\.org$/ > > It's kind of a longshot, but I might suggest trying your racl with > something like this: > > racl blacklist domain /@.*\.cn$/ I think the @ is there because it's a "rcpt" racl, not a "domain" racl. Seems like a long shot since .* should still match the @. Thanks, I'll also try some combinations using "from" instead of "domain" racl blacklist from /@.*\.cn$/ > Also, do you have "domainexact" set? No. But given the regular expression I'm using, it shouldn't matter? Gary >> Return-Path: <reportfjgiirsy@service.imrmyih.cn> Received: from >> service.imrmyih.cn ([160.30.55.96]) Received: from 263.com >> (43.164.135.245) by service.imrmyih.cn ... (envelope-from >> <reportfjgiirsy@service.imrmyih.cn>) From: "visajapan" >> <reportfjgiirsy@service.imrmyih.cn> Message-ID: >> <20250919045636803510@service.imrmyih.cn> X-Greylist: inspected by >> milter-greylist-4.6.4 ... for IP:'160.30.55.96' >> DOMAIN:'[160.30.55.96]' HELO:'service.imrmyih.cn' >> FROM:'reportfjgiirsy@service.imrmyih.cn' RCPT:'' X-Greylist: >> Delayed for 00:30:07 by milter-greylist-4.6.4 > ^^^^^^^^ > > I think 30m(inutes) is the default greylist wait period unless you > explicitly configure one. > > >> The blacklist domain lines appear before the greylist.conf line >> adding the X-Greylist header, although I've also tried placing >> them after it. >> >> Any ideas why this might be happening? I've tried blacklisting >> both "domain" and "from" I have no statements of the form: >> >> racl greylist list "grey users" delay 30m autowhite 3d racl >> whitelist default >> >> as I want greylist for everyone by default. > >