I decided to see if graylisting would reduce the (admittedly small) amount of spam I receive on my mail server. I decided to try graymilter from Jef Poskanzer, since it seemed a reasonable implementation that I could actually understand, and his instructions were FreeBSD friendly.
Building and installing graymilter was fairly easy. I had to
change the startup script (graymilter.sh) to read
/etc/rc.subr rather than /usr/local/etc/rc.subr.
Also, graymilter.sh has to be copied manually to
/usr/local/etc/rc.d. FreeBSD will it run automatically at startup.
I followed the installation instructions, with one small change. I
set the socket pathname to /var/run/gray/graymilter.sock,
so that the user I run graymilter as (nobody) could be
given ownership of the directory.
The /etc/rc.conf settings for graymilter are therefore as
follows:
graymilter_enable="YES" graymilter_flags="-user nobody -initialwhitelist /usr/local/etc/whitelist" graymilter_socket="unix:/var/run/gray/graymilter.sock"
with corresponding changes to the crimson.mc file.
I made a modification to the graymilter.c source code; I
reduced the verbosity of graymilter by only issuing a whitelisting
message when the number of addresses to whitelist was non-zero.
I let this run for a few days, and while some spam messages were blocked by the graylisting technique, others got through, presumably because they were being delivered by proper MTAs.
Therefore, in conjuction with graylisting, I configured sendmail to
use real-time spam blacklists, by adding the following to the
crimson.mc file:
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')
FEATURE(`enhdnsbl', `sbl-xbl.spamhaus.org', `"Spam blocked see: http://www.spamhause.org', `t')
I've been running graymilter and blocking for about a week,
and my spam rate has gone from an average of four a day to one a
day. Those that get through are processed by SpamBayes, so
spam levels are down to an acceptable level.
