NAME

Mail::MtPolicyd::Plugin::Greylist - mtpolicyd plugin for checking the client-address against an RBL

VERSION

version 1.11

DESCRIPTION

This plugin implements a greylisting mechanism with an auto whitelist.

If a client connects it will return an defer and create a greylisting "ticket" for the combination of the address of the sender, the senders address and the recipient address. The ticket will be stored in memcached and will contain the time when the client was seen for the first time. The ticket will expire after the max_retry_wait timeout.

The client will be defered until the min_retry_wait timeout has been reached. Only in the time between the min_retry_wait and max_retry_wait the request will pass the greylisting test.

When the auto-whitelist is enabled (default) a record for every client which passes the greylisting test will be stored in the autowl_table. The table is based on the combination of the sender domain and client_address. If a client passed the test at least autowl_threshold (default 3) times the greylisting test will be skipped. Additional an last_seen timestamp is stored in the record and records which are older then the autowl_expire_days will expire.

Please note the greylisting is done on a triplet based on the

client_address + sender + recipient

The auto-white list is based on the

client_address + sender_domain

PARAMETERS

(uc_)enabled (default: on)

Enable/disable this check.

score (default: empty)

Apply an score to this message if it _passed_ the greylisting test. In most cases you want to assign a negative score. (eg. -10)

mode (default: passive)

The default is to return no action if the client passed the greylisting test and continue.

You can set this 'accept' or 'dunno' if you want skip further checks.

defer_message (default: defer greylisting is active)

This action is returned to the MTA if a message is defered.

If a client retries too fast the time left till min_retry_wait is reach will be appended to the string.

min_retry_wait (default: 300 (5m))

A client will have to wait at least for this timeout. (in seconds)

max_retry_wait (default: 7200 (2h))

A client must retry to deliver the message before this timeout. (in seconds)

use_autowl (default: 1)

Could be used to disable the use of the auto-whitelist.

autowl_threshold (default: 3)

How often a client/sender_domain pair must pass the check before it is whitelisted.

autowl_expire_days (default: 60)

After how many days an auto-whitelist entry will expire if no client with this client/sender pair is seen.

autowl_table (default: autowl)

The name of the table to use.

The database handle specified in the global configuration will be used. (see man mtpolicyd)

query_autowl, create_ticket (default: 1)

This options could be used to disable the creation of a new ticket or to query the autowl.

This can be used to catch early retries at the begin of your configuration before more expensive checks a processes.

Example:

<Plugin greylist>
  module = "Greylist"
  score = -5
  mode = "passive"
  create_ticket = 0
  query_autowl = 0
</Plugin>
# ... a lot of RBL checks, etc...
<Plugin ScoreGreylist>
  module = "ScoreAction"
  threshold = 5
  <Plugin greylist>
    module = "Greylist"
    score = -5
    mode = "passive"
  </Plugin>
</Plugin>

This will prevent early retries from running thru all checks.

AUTOWL TABLE CREATE SQL SCRIPT

The following statement could be used to create the autowl table within a Maria/MySQL database:

CREATE TABLE `autowl` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `sender_domain` VARCHAR(255) NOT NULL,
  `client_ip` VARCHAR(39) NOT NULL,
  `count` INT UNSIGNED NOT NULL,
  `last_seen` TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
  UNIQUE KEY `domain_ip` (`client_ip`, `sender_domain`),
  KEY(`client_ip`),
  KEY(`sender_domain`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1

AUTHOR

Markus Benning <ich@markusbenning.de>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.

This is free software, licensed under:

The GNU General Public License, Version 2, June 1991