Reasonable settings for greyexp and whiteexp

Jeremy C. Reed reed at
Tue Sep 11 06:09:51 PDT 2007

On Tue, 11 Sep 2007, Sh4d03 wrote:

> I've got spamd working on my FreeBSD pf gateway, however it seems there 
> maybe a few legit senders who are never becoming whitelisted (though 
> most are).
> Until just now my settings were:
> passtime: 25
> greyexp: 8
> whiteexp: 36
> I've now just lowered the passtime to 10 and increased the greyexp to 12 
> in the hope that I can eliminate the legitimate senders from failing to 
> successfully transmit their messages. I was wondering what other people 
> have configured for the above settings.

I use: -G 20:6:864
passtime = 20 minutes
greyexp = 6 hours
whiteexp = 864 hours (default)

Your whiteexp is way too low. (That is hours not days.)

You also need to take in consideration common MTAs queue retry times. 
Sendmail defaults usually have 30 minutes minimum time in queue before 
retry (up to five days). Exim commonly will retry every 15 minutes for 
first two hours, then increase the times between retries up to six hours 
between until four days. While postfix (by default) will retry between 
five minutes and 66 minutes up to five days (times between increasing).

  Jeremy C. Reed

More information about the freebsd-pf mailing list