Previous INDEX Next
SMTP client authentication for Sendmail Weird Scenes inside the Local Area Network

Gray Listing with Sendmail

I decided to see if graylisting would reduce the (admittedly small) amount of spam I receive on my mail server. I decided to try graymilter from Jef Poskanzer, since it seemed a reasonable implementation that I could actually understand, and his instructions were FreeBSD friendly.

Building and installing graymilter was fairly easy. I had to change the startup script (graymilter.sh) to read /etc/rc.subr rather than /usr/local/etc/rc.subr. Also, graymilter.sh has to be copied manually to /usr/local/etc/rc.d. FreeBSD will it run automatically at startup.

I followed the installation instructions, with one small change. I set the socket pathname to /var/run/gray/graymilter.sock, so that the user I run graymilter as (nobody) could be given ownership of the directory.

The /etc/rc.conf settings for graymilter are therefore as follows: 

graymilter_enable="YES"
graymilter_flags="-user nobody -initialwhitelist /usr/local/etc/whitelist"
graymilter_socket="unix:/var/run/gray/graymilter.sock"

with corresponding changes to the crimson.mc file.

I made a modification to the graymilter.c source code; I reduced the verbosity of graymilter by only issuing a whitelisting message when the number of addresses to whitelist was non-zero.

I let this run for a few days, and while some spam messages were blocked by the graylisting technique, others got through, presumably because they were being delivered by proper MTAs.

Therefore, in conjuction with graylisting, I configured sendmail to use real-time spam blacklists, by adding the following to the crimson.mc file: 

FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')
FEATURE(`enhdnsbl', `sbl-xbl.spamhaus.org', `"Spam blocked see: http://www.spamhause.org', `t')

I've been running graymilter and blocking for about a week, and my spam rate has gone from an average of four a day to one a day. Those that get through are processed by SpamBayes, so spam levels are down to an acceptable level.

Previous INDEX Next
SMTP client authentication for Sendmail Weird Scenes inside the Local Area Network

GNU/Linux Logo