Provided by: milter-greylist_4.3.9-1_i386 bug


       greylist.conf - milter-greylist configuration file


       greylist.conf  configures  milter-greylist(8)  operation. The format is
       simple: each line contains a keyword and optional arguments.  Any  line
       starting  with  a  #  is  considered as a comment and is ignored. Blank
       lines are ignored as well. Comments at the end of lines are accepted in
       some  situations,  but do not take them as granted.  A statement can be
       continued on the next line by using a  backslash.  Anything  after  the
       backslash will be ignored.


       The  primary  use  of  greylist.conf  is  to  setup  milter-greylist(8)
       whitelist. It also offers  a  handy  blacklist  feature.   Access-lists
       (ACL)  are  used  to  do  that. ACL enable the administrator to specify
       complex conditions on sender IP,  sender  DNS  address,  sender  e-mail
       address, and recipient e-mail address. If support for DNSRBL was built-
       in, it is even possible to use DNSRBL in ACL.

       An access-list entry starts  with  the  racl  keyword  followed  by  an
       optional  id  quoted string, then the greylist, whitelist, or blacklist
       keyword, and by any set of the following clauses: addr,  domain,  from,
       rcpt,  rcptcount,  helo,  sm_macro, time, auth, tls, spf (if build with
       SPF support), geoip (if build with GeoIP support), p0f (if  build  with
       p0f  support),  ldapcheck (if build with --with-openldap), urlcheck (if
       built with --with-libcurl), and dnsrbl (if built with --enable-dnsrbl).
       A  message  will  match  an  ACL entry when it complies with all of its

       Clauses can be negated, by prefixing them by the not keyword.

       addr   This  clause  is  used  to  specify  a  netblock  of  source  IP
              addresses. The syntax is an IP address followed by a slash and a
              CIDR netmask. Here is an example:

                racl whitelist addr
                racl whitelist addr
                racl whitelist addr ::1

              If the netmask is ommitted, /32 is assumed for an  IPv4  address
              and /128 is assumed for an IPv6 address.

              You  should  at  least whitelist localhost (, and if
              you have some user clients connecting to the machine, you should
              whitelist the addresses they connect from if you don't want them
              to get error messages when sending e-mail.

       domain This clause selects source machines based  on  their  DNS  name,
              performing  a  suffix search.  For instance, this will whitelist
              any machine in the domain:

                racl whitelist domain

              Suffix search matching  means, for example,  that  will
              match If you want domain names to match on subdomain
              boundaries (e.g. will match  and
              but not then enable domainexact

       The  name  resolution  is  made  by Sendmail, which hands it to milter-
       greylist(8).  As a result, it is impossible to use DNS aliases here. On
       the other hand, this will work even if your DNS resolver is not thread-

       from   This is used to select sender e-mail addresses. You  should  not
              use  that  feature,  because  sender  e-mail  addresses  can  be
              trivially forged.  Example:

                racl whitelist from

       rcpt   This is used to select recipient addresses. Example:

                racl greylist rcpt

              Followed by an operator and a recipient count, this is  used  to
              select the amount of recipients. Example:

                racl   blacklist   rcptcount  >=  25  msg  "No  more  than  25
              recipients, please"

       helo   Followed by a quoted string or a regular expression, this can be
              used to filter on the HELO string.

              This  is  used to select a Sendmail macro value. See the section
              on that topic for more information.

       time   This is used to specify a time set. It should be followed  by  a
              quoted  string of crontab(5)-like time specification. Here is an
              example that whitelists mail addressed  to  a  single  recipient
              during office hours (from 8:00 to 16:59 from monday to friday):

                racl whitelist time "* 8-16 * * 1-5" rcpt

       geoip  This  is  used  to  specify a country, as reported by GeoIP. The
              country code must be  upper  case,  and  is  only  available  if
              milter-greylist  was  built  with  GeoIP  support.  The  geoipdb
              statement can be used to specify the location of GeoIP database.

       p0f    This is used to match against the remote system  OS  fingerprint
              genre  and  detail,obtained  from  p0f.  It is only available if
              milter-greylist was built with p0f support.  p0f clauses can  be
              used  with a quoted string for case-insensitive substring match,
              or against regular expressions. The  p0fsock  statement  can  be
              used to speficy the location of the p0f socket.

       auth   This is used to select a user that succeeded SMTP AUTH. In order
              to select any user that  succeeds  SMTP  AUTH,  you  can  use  a
              regular expression matching, like below;

                racl whitelist auth /.*/

              Using  such  a  clause automatically disable global STARTTLS and
              SMTP AUTH whitelisting, like if the noauth  keyword  would  have
              been used.

       tls    This  is  used  to  select the distinguished name (DN) of a user
              that succeeded  STARTTLS.  Using  such  a  clause  automatically
              disable  global STARTTLS and SMTP AUTH whitelisting, like if the
              noauth keyword would have been used.

       spf    This is used to test  SPF  status.  Possible  values  are  pass,
              softfail,  fail,  unknown, error, none, and self.  The first six
              values are plain SPF validation status.  The  self  value  is  a
              special  test  that checks the server's local IP address against
              the sender's SPF record. If that test validates, odds  are  good
              that  the  sender SPF record is wide open, and this is hint that
              SPF should not be trusted.

              Absence of any value after the spf keyword is a synonym for  spf
              pass.  This is present for backward compatibility.

              The spf clause is only available if SPF support was compiled in.
              Using it will disable global SPF whitelisting, like if the nospf
              keyword would have been used.

              This  is  used  to  query an LDAP directory.  See the section on
              that topic for more information.

              This is used to query an external configuration  source  through
              an URL.  See the section on that topic for more information.

       dnsrbl This  is  used to select a DNSRBL. See the section on that topic
              for more information.

       The  domain,  from,  and  rcpt  clauses  may  be  used   with   regular
       expressions.  The  regular expressions must be enclosed by slashes (/).
       No  escaping  is  available  to  provide  a  slash  inside  a   regular
       expression,  so  just  do  not  use  it. Regular expressions follow the
       format described in re_format(7).  Here is an example:

         racl greylist rcpt /.*@example\.net/

       When regular expressions are not used, from, and rcpt  perform  a  case
       insensitive  substring match with leading and trailing brackets, spaces
       and tabs stripped out.   domain  performs  a  case  insensitive  suffix
       match.  This means, for example, that will match If
       you want domain names to match on subdomain boundaries  (e.g.
       will  match  and but not then enable

       An ACL entry can also hold various optional parameter  used  on  match:
       delay, autowhite, flushaddr, nolog, code, ecode, report, addheader, and

       delay  Specify the greylisting delay used before  the  message  can  be
              accepted.   This  overrides  the greylist global setting, and it
              only  makes sense on an racl greylist entry.

              Specify the autowhitelisting duration for messages matching this
              ACL.   This  overrides the autowhite global setting, and it only
              makes sense on an racl greylist entry. Example:

                racl greylist rcpt delay 15m autowhite 3d
                racl greylist rcpt delay 1h autowhite 3d

              If a message matches the rule, any  entry  in  the  greylist  or
              autowhite databases matching the sender IP is removed. Used with
              a DNSRBL blacklist ACL, it is useful for  freeing  the  database
              from  entries set up by a machine which is known to be a spamer.

                racl blacklist dnsrbl "known-spamers" flushaddr

       nolog  Do not generate syslog message if this rule matches. Example:

                racl whitelist default nolog



       msg    These 3 values can be used to choose  the  SMTP  code,  extended
              code  and  reply  message  for  temporary  failures and rejects.

                racl blacklist dnsrbl "spamstomp" msg "IP caught by spamstomp"
                racl greylist default code "451" ecode "4.7.1"

              The msg strings accepts format string substitution as documented
              in the FORMAT STRINGS section. For instance, %A gets substituted
              by the ACL line number.

              None of the last 3 values makes sense for a whitelist entry.

       report This value  overrides  the  text  displayed  in  the  X-Greylist
              header,  for messages that milter-greylist(8) lets pass through,
              either because they are  whitelisted,  or  because  they  passed
              greylisting  (see REPORTING).  This string can be substituted as
              documented in the FORMAT STRINGS section.

              This quoted string is a RFC822 header that  gets  added  to  the
              message.   Format  string substitution is supported. No check is
              done for header length standard compliance,  so  make  sure  the
              substituted string is shorter than 2048 characters.

       Entries in the access-list are evaluated sequentially, so order is very
       important. The first matching entry is used to decide if a message will
       be  whitelisted  or greylisted. A special default clause can be used in
       the last ACL entry  as  a  wildcard.   Here  are  a  few  complete  ACL

       Example 1:

       racl whitelist from rcpt
       racl whitelist from rcpt
       racl greylist rcpt
       racl whitelist default

       Example 2:

       racl whitelist addr domain
       racl greylist rcpt
       racl greylist rcpt
       racl greylist rcpt
       racl whitelist default

       Example 3:

       racl whitelist rcpt /.*@.*otherdomain\.org/
       racl whitelist addr rcpt
       racl whitelist from rcpt /.*@.*mydomain\.org/
       racl whitelist rcpt
       racl greylist rcpt /.*@.*mydomain\.org/
       racl whitelist default


       ACL  using the racl keyword are evaluated at the RCPT stage of the SMTP
       transaction. It is also possible to have  ACL  evaluated  at  the  DATA
       stage  of  the  SMTP  transaction, using the dacl keyword, provided the
       message went through RCPT-stage ACL,  and  possibly  greylisting.  Note
       that  you canot use the greylist action at DATA-stage if the RCPT-stage
       ACL that matched had a greylist action itself.  The  following  clauses
       can be used to work on message content:

       dkim   DKIM  status  (if  build with DKIM support). Possible values are
              pass, fail, unknown, error, and none,

       header String or regular expression searched in message headers

       body   String or regular expression searched in message body

              Operator followed by a message size (k or M suffix  allowed  for
              kilobytes or megabytes). Example:

                dacl blacklist msgsize >= 4M msg "No more than 4 MB please"

       spamd  SpamAssassin score (if build with SpamAssassin support). If used
              without comparison operator spamd is true if the score is  above
              threshold.  The  spamdsock  keyword  can  be used to specify the
              location of the spamd socket.

              Example 1:

                spamdsock unix "/var/spamassassin/spamd.sock"
                racl whitelist default
                dacl greylist spamd

              Example 2:

                spamdsock inet ""
                racl whitelist default
                dacl blacklist spamd > 15 msg "Your message is considered spam."
                dacl greylist  spamd > 10 delay 2h
                dacl greylist  spamd > 5  delay 1h

       Note that if there are multiple recipient, a rcpt clause at DATA  stage
       evalutes  to  true  if it matches any of them.  If you want to match an
       exact set of recipients, you can use multiple rcpt clauses along with a
       rcptcount clause.


       It  is  often useful to group several users or sender IP addresses in a
       single ACL. This can be done with lists. Lists must  be  first  defined
       and  given  a  name  before they can be used in ACL entries. Here is an

                list "my users" rcpt { }
                list "local" addr { }

                racl whitelist list "local"
                racl greylist list "my users"
                racl whitelist default


       Previous versions of milter-greylist(8) used addr,  domain,  from,  and
       rcpt  lines,  without  the  racl  keyword.   Access-list  management is
       intended to replace them.  These lines are still  accepted  by  milter-
       greylist(8),  but they are deprecated.  milter-greylist(8) handles them
       as access-list entries with a single clause. They are added at the head
       of  the  access-list  so the use of these keywords and access-lists may
       lead to unspecified behaviour. Do not mix them.

       test mode (using -T) is also deprecated. Access-list semantics  do  not
       depend on this flag.

       milter-greylist(8)  also  used to only have a RCPT-stage ACL, which was
       configured through acl statements. These have  been  replaced  by  racl
       statements  (as  opposed  to  dacl statements for DATA-stage ACL).  acl
       statements are still accepted for  backward  compatibility  and  are  a
       synonym for racl statements.


       Synchronization  of  the greylist among multiple MX is configured using
       the peer keyword. List each  other  MX  IP  addresses  using  the  peer
       keyword. Here is an example:

         peer timeout 7
         peer timeout 5m

       You  can  list  the  local  machine  in the peer statements, it will be

       The timeout clause sets a peer communication  timeout  to  have  proper
       retrial  in  case  of slow MX peer. The default value is 3 seconds. The
       special value of 0 disables the connection retrials.

       By default, milter-greylist will listen on  all  interfaces  using  TCP
       port 5252 or the port number given by service named mxglsync if defined
       in /etc/services or other directory  service.  This  behaviour  can  be
       changed by using the syncaddr keyword. Here are a few examples:

         syncaddr *
         syncaddr * port 7689
         syncaddr port 9785
         syncaddr 2001:db8::1:c3b5:123
         syncaddr 2001:db8::1:c3b5:123 port 1234

       Using  '*'  as  the  address  means  to  bind  to all local interfaces'
       addresses.  Note that if you are not using the default  port,  all  MXs
       must use the same port number.

       For  outbound  connections  the system is selecting one of the possible
       adresses.  If you want to use a specific ip you can use:

         syncsrcaddr 123.456.78.9


       milter-greylist(8) uses a text dump of its database to resume operation
       after  a  crash. The dump is performed at regular time interval, but as
       it is a heavy operation, you might want to configure a particular  time
       interval, using the dumpfreq option.

       If  the dumpfreq value is too small, it will kill performance. If it is
       too high, you will loose a bigger part of the database on a crash.

       Set dumpfreq to 0 to get a dump on each change (kills performance), Set
       it to -1 to never dump to a file (unsafe as you lose the whole greylist
       on each crash), or give a time value for the delay between dumps.   The
       time  is  given in seconds, except if a unit is given: m for minutes, h
       for hours, and d for days.

       You may further improve the performance of the dump  operation  at  the
       expense  of  humanly  readable  timestamp which by default appears as a
       comment at the end of each  line  in  the  dumpfile.  You  may  disable
       generation  of  this  comment  by  specifying  dump_no_time_translation
       option in the configuration file. This is specifficaly  recommended  if
       your  dumpfile  grows  to  100's  of megabytes - it can reduce the time
       needed for the dump operation by the order of magnitude!


       By default, milter-greylist(8) will add  a  X-Greylist  header  to  any
       message  it  handles.  The  header  shows what happened to the message:
       delayed or not delayed, and why. The following options can be  used  in
       greylist.conf to alter this behavior:

       report none
              Never add a X-Greylist header.

       report delays
              Only add a header if the message was delayed.

       report nodelays
              Add a header if the message was not delayed. The header explains
              why the message was not delayed.

       report all
              Always add a header. This is the default.


       Sender callback systems are another anti-spam measure that attempts  to
       send  a  DSN  to the sender address before accepting a message. If that
       fails, then the sender address is wrong and the  message  is  rejected.
       Such systems usually stop their callback check at the RCPT stage of the
       SMTP transaction.

       Greylisting temporarily rejects at the RCPT stage, so  sender  callback
       and  greylisting love to fight each other.  milter-greylist(8) proposes
       a workaround  to  that  problem  with  the  delayedreject  option.  For
       messages coming from <> (that is, for DSN), it will cause the temporary
       reject to happen at the DATA stage of the SMTP transaction  instead  of
       the RCPT stage. That way, milter-greylist(8) will cope much better with
       sender callback systems.

       This has a minor drawback (and  this  is  why  it  is  not  enabled  by
       default):  for a multi recipient DSN, whitelisted recipient will not be
       honoured: the message will be delayed for everyone.


       Any sendmail macro can be used as a clause in the access list. You need
       to define a (macro, value) pair using the sm_macro keyword before using
       it.  Here is an example that uses the {client_resolve} macro to apply a
       larger greylisting delay to hosts that have a bogus reverse DNS:

                sm_macro "maybe_forged" "{client_resolve}" "FORGED"

                racl greylist sm_macro "maybe_forged" delay 1h
                racl greylist default delay 15m

       A  regular  expression  can  be  used  as  the macro value.  It must be
       surrounded with slashes and not by quotes.  The special value unset can
       also be used to match an unset macro:

                sm_macro "not_foo" "{foo}" unset

       Note   that   any  Sendmail  macro  that  is  not  exported  using  the
       Milter.macros.envrcpt setting of will be seen as unset from


       DNS  Reverse  Black  List  can  be  used to toggle an ACL. They must be
       defined and named before they can be used. Here  is  an  example  which
       uses  a  bigger greylisting delay for hosts caught in the SORBS dynamic
       pool DNRSBL (this will include DSL and cable customers pools, which are
       well known to be massively infected by spamwares):

                dnsrbl "SORBS DUN"

                racl greylist dnsrbl "SORBS DUN" delay 1h
                racl greylist default delay 15m

       The  definition  of  a DNSRBL starts by the dnsrbl keyword, followed by
       the quoted name of the DNSRBL, the DNS domain on which addresses should
       be looked up, and the answer we should consider as a positive hit.

       DNSRBL support is only available if enabled through the --enable-dnsrbl
       config flag. Please make sure milter-greylist(8) is  linked  against  a
       thread-safe DNS resolver, otherwise it shall crash.

URL checks

       milter-greylist(8)  is  able  to  query external sources of information
       through various URL, if it was built with --with-libcurl.  Here  is  an

                urlcheck "glusr" "" 5

                racl greylist urlcheck "glusr" delay 15m
                racl whitelist default

       The  trailing  5  at  the end of the urlcheck definition is the maximum
       number of simultaneous connections we want to launch on this  URL.  For
       each  message,  the  URL  will  be  querried, with  % format tags being
       subtituted. For instance, %r is substituted by the recipient.  See  the
       FORMAT STRINGS section for the complete list of substitutions.

       milter-greylist(8) expects an answer containing a list of \n terminated
       lines, with key: value pairs. The most basic answer to get a match is:

                milterGreylistStatus: Ok

       TRUE can be used as an alias for Ok here.

       The answer can be more complex, with keys that will  overload  the  ACL

              The greylisting delay to use (time unit suffix allowed).

              The autowhite delay to use (time unit suffix allowed).

              The  value  is  ignored.  If  this  key  is present, then the IP
              address for the sender machine will be flushed from greylist and
              autowhite databases.

              The SMTP code to return (e.g.: 551).

              The SMTP extended code to return (e.g.: 5.7.1)

              The string to return with SMTP codes.

              The string to display in the X-Greylist header.

              This line will be ignored, without warnings in the logs.

              This  feature  is nifty but use it with caution, as it makes the
              access list a bit difficult to  understand.  By  specifying  the
              values  greylist,  whitelist,  or  blacklist,  it is possible to
              overload the ACL action itself.

       The  ACL  will  match  if  any  of   the   above   key   is   returned:
       milterGreylistStatus is not mandatory.

       If  you  use an URL check in a DATA stage ACL, you can post the message
       header and body to the URL. This  is  done  by  appending  the  postmsg
       keyword to the urlcheck statement, like in the example above:

                urlcheck "extfilter" "" 5 postmsg

                dacl blacklist urlcheck "extfilter"
                dacl whitelist default

       It  is  also  possible to gather the properties returned by the URL and
       reuse them in the ACL. This behavior is enabled by the getprop  keyword
       at  the  end  of  urlcheck  definition.  If this option is enabled, the
       gathered properties can be accessed in the current and following ACL by
       prefixing  them  by  a dollar ($).  If the clear keyword is added, then
       properties will be cleaned up before handling  a  new  recipient.  This
       avoids  properties  for  several  recipients  to mix.  The fork keyword
       instructs milter-greylist(8) to fork a separate instance of itself  for
       performing the queries. Use it if you encounter thread-safety problems.
       fork is not compatible with postmsg.  The ldapcheck clause never match.
       It  just  fetches  properties,  causing a temporary failure if the LDAP
       directory is unreachable. In order to actually match when an object  if
       returned by the LDAP directory, append the domatch keyword.

       Here  is  an  example  that will use various DNSRBL depending on a per-
       recipient setting stored in the dnsrbl attribute of a LDAP directory.

                dnsrbl "RBL2" "" ""
                dnsrbl "RBL3" "" ""
                dnsrbl "RBL4" "" ""
                urlcheck                                            "userconf"
              5 getprop clear

                racl  blacklist  urlcheck  "userconf"  $dnsrbl  "RBL2"  dnsrbl
                racl blacklist $dnsrbl "RBL3" dnsrbl "RBL3"
                racl blacklist $dnsrbl "RBL4" dnsrbl "RBL4"

       Note  that  when matching gathered properties, format strings and regex
       can be used.


       If milter-greylist was built with --with-openldap, then  you  can  also
       use  ldapcheck  for  pulling  information  from an LDAP directory. This
       works  exactly  like  urlcheck,  except  that  properties  are   always
       collected: the only available option is clear.

       A  list  of LDAP URL to use can be specified with the ldapconf keyword.
       The network timeout is optional.

                ldapconf "ldap://localhost  ldaps://"  timeout

       When  ldaps://  is  used, the system's ldap.conf file is used to locate
       x509 certificates.

       When defining LDAP queries with the ldapcheck statement, note that  the
       scheme  and  host  part  of  the  URL  are  ignored.  Servers listed in
       ldapconf are used instead.


       The ratelimit keyword specifies a ratelimit configuration to be used in
       access lists. It must be followed by the rate limit configuration name,
       what is being accounted (i.e.: session  for  SMTP  sessions,  rcpt  for
       recipients,  data for bytes in body and headers), the actual limit, and
       the sampling period. Example:

                ratelimit "internalclients" rcpt 10 / 1m

                racl blacklist addr ratelimit "internalclients" \
                   msg "you speak too much"

       The  ratelimit  keyword  can  also  have an option key statement, which
       determine the set of key for message accounting. The default is %i  for
       per  IP  address  accounting  (see  the FORMAT STRINGS sections for the
       possible syntax of this field). Here is an example  that  configures  a
       rate  limit  of  100 messages per hour for each individual recipient-IP

                ratelimit "internalclients" rcpt 100 / 1h key "%r%i"

                racl blacklist addr ratelimit "internalclients" \
                   msg "you speak too much"


       The  stat  keyword  can  be used to specify a custom report for milter-
       greylist activity.  It should be supplied with an output  (either  file
       or external command) and a format string. Here is an example:

                stat ">>/var/log/milter-greylist.log" "%T{%T},%i,%f,%r,%A\n"

       If  the output starts by >> or > then it is a file. Use >> to append to
       an existing file, and use > to overwrite it. If the output starts by  a
       | then the output is a shell command, like in the example below:

                stat "|logger -p" "%T{%T},%i,%f,%r,%A\n"

       The format string gets substituted as URL checks format string: %r gets
       substituted by the recipient, %f by the sender,  and  so  on.  See  the
       FORMAT STRINGS section for a complete list of available substitutions.


       Most  milter-greylist(8)  command-line  options have equivalent options
       that can be set in the configuration file. Note that if a command  line
       option is supplied, it will always override the configuration file.

       If  a  command-line equivalent keyword is used more than once, the last
       keyword will override the previous ones.

              Enable debug output. This is equivalent to the -v flag.

       quiet  Do not tell clients how much time remains  before  their  e-mail
              will be accepted. This is equivalent to the -q flag.

              Do  not  fork  and go into the background. This is equivalent to
              the -D flag.

       noauth Greylist clients regardless  if  they  succeeded  SMTP  AUTH  or
              STARTTLS.  Equivalent to the -A flag.

              Normally   milter-greylist(8)   will   whitelist  a  message  if
              sendmail(8) defines a  ${greylist}  macro  set  to  WHITE.  This
              enables  complex whitelisting rules based on the Sendmail access
              DB. This option inhibits this behavior.

       nospf  Greylist  clients  regardless   if   they   are   SPF-compliant.
              Equivalent to the -S flag.

              Enable  test  mode.  Equivalent  to  the -T flag. This option is

              The argument sets how much time milter-greylist(8) will want the
              client  to  wait  between  the  first  attempt  and the time the
              message is accepted. The time is given in seconds, except  if  a
              unit  is given: m for minutes, h for hours, and d for days.  The
              greylist keyword is equivalent to the  -w  option.  Here  is  an
              example that sets the delay to 45 minutes:

                greylist 45m

              This  sets  the auto-whitelisting duration, equivalent to the -a
              command-line option. As for the greylist keyword, units  can  be
              supplied. Here is an example for a 3 day long auto-whitelisting:

                autowhite 3d

              This  causes  milter-greylist(8)  to write its PID into the file
              given as argument, like the -P command line argument  does.  The
              path  to  the  file  must be absolute and it must be enclosed in
              quotes. Here is an example:

                pidfile "/var/run/"

              This chooses the location of the greylist dump file, like the -d
              command line option does. The path must be absolute and enclosed
              in quotes.  It can optionally be followed by an octal permission
              mode.  Example:

                dumpfile "/var/milter-greylist/greylist.db" 640

              This  is  equivalent  to  the -L command line option. It takes a
              slash followed by a CIDR mask as argument, and it  commands  the
              subnet matching feature. Example, for a class C wide matching:

                subnetmatch /24

              This  is  equivalent  to  the -M command line option. It takes a
              slash followed by a prefixlen as argument, and it  commands  the
              subnet matching feature. Example, for a subnet wide matching:

                subnetmatch6 /64

       socket Like the -p command line option, this keyword is used to specify
              the socket used to communicate with  sendmail(8).   It  must  be
              enclosed  in  quotes  and can optionally be followed by an octal
              permission mode (valid values are 666, 660 or 600, other  values
              cause an error):

                socket "/var/milter-greylist/milter-greylist.sock" 660

       user   This  keyword  should  be  followed  by  a quoted user login and
              optionally a colon followed by a groupname.  Like the -u option,
              this is used to run milter-greylist(8) as a non root user.  Here
              is an example:

                user "smmsp"


       These options have no command line equivalent:

       logfac Sets the syslog facility for messages.  Can be set to any of the
              standard  facilities:  kern,  user,  mail, daemon, auth, syslog,
              lpr, news, uucp, cron, authpriv, ftp,  local0,  local1,  local2,
              local3, local4, local5, local6, local7.  Can also be set to none
              to disable syslog output completely.

              is used to control how long greylist tuples are retained in  the
              database.   Value  is in seconds, except if a suffix is given (m
              for minutes, h for hours, d for days). Default is 5 days.

              Use  extended  regular  expressions  instead  of  basic  regular

              Limit  (in  bytes)  how much of messages are examined for header
              and body searches.

       lazyaw Make auto-whitelist look at just the IP instead of  the  (sender
              IP, sender e-mail address, recipient e-mail address) tuple.

              match  on  subdomain  boundaries  instead  of the default suffix
              matching.  E.g. if domainexact is not enabled (the default) then
       will  match  in  addtion  to  If
              domainexact  is  enabled  then,  domain  names  will  match   on
              subdomain  boundaries (e.g. will match and
     but not

       drac db
              Tell where the DRAC DB file is. This is only available  if  DRAC
              support was compiled in. Here is an example:

                drac db "/usr/local/etc/drac.db"

       nodrac Disable DRAC.

              This option causes greylist entries that expire to be logged via
              syslog.  This allows you to easily collect the IP addresses  and
              sender  names  and use them for blacklisting, SPAM scoring, etc.
              Normally, expirations are only logged if  the  debug  option  is
              set, but that generates a lot of extra messages.

       The  configuration  file  is reloaded automatically once it is modified
       when new e-mail arrives. Most configuration keywords will  take  effect
       immediately,  except the following, which will only take effect after a
       restart of milter-greylist(8): nodetach, pidfile, socket, and user.

       The dumpfreq option can be changed dynamically,  but  the  change  will
       only take effect after the next dump.


       Various  statements  in  the  configuration file accept format strings,
       where the following % prefixed tokens  are  substituted.  Here  is  the
       complete  list of available substitutions (Note that some substitutions
       are not relevant in any context).

       %r     the message recipient e-mail address

       %f     the message sender e-mail address

       %i     the sender machine IP address

       %I     the sender machine IP address masked by a CIDR. Example: %I{/24}

       %d     the sender machine DNS address

       %h     the SMTP transaction HELO string

       %mr    the mailbox part of %r (before the @ sign)

       %sr    the site part of %r (after the @ sign)

       %mf    the mailbox part of %f (before the @ sign)

       %sf    the site part of %f (after the @ sign)

       %md    the machine part of %d (before the first . sign)

       %sd    the site part of %d (after the first . sign)

       %Xc    the SMTP code returned

       %Xe    the SMTP extended code returned

       %Xm    the SMTP message returned

       %Xh    the message displayed in the X-Greylist header

       %D     Comma-separated list of DNSRBL for which the sender host matched

       %M     a sendmail macro value. Examples: %Mj or %M{if_addr}

       %g     a regex backreference. For instance, %g{\2}  is  substituted  by
              the string maching the second parenthesis group in all ACL regex

       %T     a  brace-enclosed  strftime(3)  format  string  that   will   be
              substituted by the system time. Example: %T{%Y%m%d:%H%M%S}

       %v     milter-greylist's version

       %G     Offset to GMT (e.g.: -0100)

       %C     Sender  IP  country  code,  as  reported  by GeoIP. This is only
              available if milter-greylist was built with GeoIP support

       %Fx    p0f OS fingerprint genre and detail. This is only  available  if
              milter-greylist was built with p0f support.

       %V     Shortcut  to  "milter-greylist-%v (%Mj [%M{if_addr}]); %T{%a, %d
              %b %Y %T} %G (%T{%Z})"

       %S     the action performed: accept, tempfail, or reject.

       %A     the line number of the ACL that caused the action.

       %a     the id string of the ACL that caused the action. If  no  id  was
              given, the line number is used instead.

       %Et    total  elapsed  time  in seconds before a greylisted message has
              been accepted

       %Eh    hours elapsed

       %Em    minutes elapsed (modulo one hour)

       %Es    seconds elapsed (modulo one minute)

       %E     shortcut to %Eh:%Em:Es

       %Rt    total remaining time in seconds before a greylisted message will
              be accepted

       %Rh    hours remaining

       %Rm    minutes remaining (modulo one hour)

       %Rs    seconds remaining (modulo one minute)

       %R     shortcut to %Rh:%Rm:Rs

       %Hs    SpamAssassin score (if build with SpamAssassin support)

       %%     a single % character


       Emmanuel Dreyfus <>

       milter-greylist  received  many  contributions  from  (in  alphabetical
       order):  Aida  Shinra,  Adam  Katz,  Alexander  Lobodzinski,  Alexandre
       Cherif, Alexey Popov, Andrew McGill, Attila Bruncsak, Benoit Branciard,
       Bernhard  Schneider,  Bob  Smith,  Constantine  A.  Murenin,  Christian
       Pelissier,  Cyril  Guibourg,  Dan Hollis, Elrond, Enrico Scholz, Eugene
       Crosser, Fabien Tassin, Fredrik Pettai, Gary Aitken, Georg  Horn,  Gert
       Doering, Greg Troxel, Guido Kerkewitz, Hajimu Umemoto, Hideki ONO, Ivan
       F.  Martinez,  Jacques  Beigbeder,  Jean  Benoit,  Jeff   Rife,   Jobst
       Schmalenbach,  Joe  Pruett,  Joel  Bertrand,  Johann  E. Klasek, Johann
       Klasek, John Thiltges, Klas Heggemann, Laurence Moindrot,  Lev  Walkin,
       Manuel  Badzong,  Martin  Paul,  Matt  Kettler, Mattheu Herrb, Matthias
       Scheler, Matthieu Herrb, Michael Fromme, Moritz Both, Nerijus Baliunas,
       Pavel  Cahyna,  Per  Holm,  Petr  Kristof,  Ralf  S. Engelschall, Ranko
       Zivojnovic, Remy Card, Rick  Adams,  Rogier  Maas,  Romain  Kang,  Rudy
       Eschauzier,  Stephane  Lentz,  Thomas Scheunemann, Tim Mooney, Wolfgang
       Solfrank, and Yaroslav Boychuk.

       Thanks to Helmut Messerer and Thomas Pfau for  their  feedback  on  the
       first releases of this software.


       milter-greylist(8), sendmail(8), syslogd(8).

       Evan Harris's paper:

       milter-greylist's web site:

                                 May 10, 2005                 greylist.conf(5)