Skip to main content

Greylisting in IndiMail

Greylisting is a method of defending email users against spam, by temporarily rejecting any email from a IP/Sender which it does not recognize. As per SMTP, the originating server should after a delay retry. A server implementing greylisting should accept the mail if sufficient time has elapsed. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and typically cannot afford the time delay to retry.

IndiMail 1.6 onwards implements greylisting using qmail-greyd daemon. You additionally need to have the environment variable GREYIP defined for the qmail-smtpd process. The environment variable GREYIP specifies on which IP and port, qmail-greyd is accepting greylisting requests. qmail-smtpd uses UDP to send a triplet (IP+RETURN_PATH+RECIPIENT) to the greylisting server and waits for an answer which tells qmail-smtpd to proceed ahead or to temporarily reject the mail. qmail-greyd also accepts a list of whitelisted IP addresses for which greylisting should not be done.

1. Enabling qmail-greyd greylisting server
% su
# svctool --greylist=1999 --servicedir=/service --min-resend-min=2 \
--resend-win-hr=24 --timeout-days=30 --context-file=greylist.context \
--save-interval=5 --whitelist=greylist.whitelist --use-greydaemon

NOTE: The above service has already been setup for you, if you have done a binary installation of IndiMail/indimail-mta

2. Enabling greylisting in SMTP
  • Assuming you've setup your qmail-smtpd service with tcpserver with the -x option (as in LWQ), you just need to update the cdb file referenced by this -x option. The source for this file is typically /etc/indimail/tcp.smtp. For example,
    • could become,
    • If you've setup qmail-greyd on a non-default address (perhaps you're running qmail-greyd on a separate machine), you'll also need to specify the address it's listening on - adjust the above to include GREYIP="", for example.
    • Finally, don't forget to update the cdb file corresponding to the source file you've just edited. If you have a LWQ setup that's,
      # qmailctl cdb

    • Alternatively (and particularly if you're not using the -x option to tcpserver) you can enable greylisting for all SMTP connections by setting GREYIP in the environment in which qmail-smtpd is started - for example your variables directory for qmail-smtpd can contain a file with the name GREYIP
      # echo GREYIP=\"\" > /service/qmail-smtpd.25/variables/GREYIP
    NOTE: The above instructions are for IndiMail/indimail-mta 2.x and above. For 1.x releases, use /var/indimail/etc for the location of tcp.smtp and tcp.smtp.cdb
    Post a Comment

    Popular posts from this blog

    IndiMail Installation for newbies in < 10 steps

    Installing Indimail using YUM/APT Repository Install OS
    openSUSE Leap 42.3
    openSUSE Leap 42.2
    openSUSE 13.2
    openSUSE 13.1
    SUSE Linux Enterprise 12 SP2
    SUSE Linux Enterprise 12 SP1
    SUSE Linux Enterprise 12
    Red Hat
    Feodra 27
    Fedora 26
    Red Hat Enterprise Linux 7
    Red Hat Enterprise Linux 6
    CentOS 7
    CentOS 6
    Debian 8.0
    Debian 7.0
    Ubuntu 17.04
    Ubuntu 16.10
    Ubuntu 16.04
    Ubuntu 14.04
    Ubuntu 12.04
    Click the below URL for Install Instructions Shutdown MySQL if already running and disable MySQL from being started up by the system % /etc/init.d/mysqld stop % sudo chkconfig mysqld off % /bin/rm -f /service/mysql.3306/down
    Start IndiMail
    % sudo service indimail start Check Servicess
    % sudo /usr/bin/svstat /service/* /service/clamd: up (pid 1014) 2985 seconds /service/dnscache: up (pid 1021) 2985 seconds /service/fetchmail: down 2985 seconds /service/freshclam: up (pid 1020) 2…

    The AdminClient Protocol

    IndiMail provides close to around 300 different programs as part of a flexible Enterprise Messaging Platform. You can carry administer the entire platform with around 45 of these programs. A program called indisrvr(8) provides a way for users to secure execute these commands from any remote location. To execute these programs, you need to have an admin account on the IndiMail server. These accounts can be created by the mgmtpass(8) program. Once you have an admin account on the IndiMail server, you can further restrict users to certain programs using the vpriv(8) program. vpriv can further modify privileges by allowing only certain options within a allowed program.

    To execute these programs on the IndiMail server, you need to connect to port 4000 and use the adminclient protocol. The adminclient protocol is described below by showing a conversation between a client and the server 'indisrvr'

    s - denotes server
    c - denotes client

            s: "Login: "
            c: "u…

    Writing Filters for IndiMail

    IndiMail provides multiple methods by which you can intercept an email in transit and modify the email headers or the email body. A filter is a simple program that expects the raw email on standard input and outputs the message text back on standard output. The program /bin/cat can be used as a filter which simply copies the standard input to standard output without modifying anything. Some methods can be used before the mail gets queued and some methods can be used before the execution of local / remote delivery.

    It is not necessary for a filter to modify the email. You can have a filter just to extract the headers or body and use that information for some purpose. IndiMail also provides the following programs - 822addr(1), 822headerfilter(1), 822bodyfilter(1), 822field(1), 822fields(1), 822header(1), 822body(1), 822headerok(1), 822received(1), 822date(1), 822fields(1) to help in processing emails.

    Let us say that we have written a script /usr/local/bin/myfilter. The myfilter program …