[milters] Archive

Lists Index Date Thread Search

Article: 1666
From: DAve
Date: 2007-08-30 11:06:12 -0400
Subject: Re: Milter-ahead and milter-gris. Using the access

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

DAve wrote:
> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> 
> DAve wrote:
>> Removal...........: milters-request@milter.info?subject=remove
>> More information..: http://www.milter.info/#Support
>> --------------------------------------------------------
>>
>> Good morning,
>>
>> I have just finished setting up a new test server as we are upgrading 
>> all software on our mail gateways and I want to test the whole package 
>> before rollout. Currently we are using a very old and moldy version of 
>> milter-ahead and milter-greylist. We are testing the newest milter-ahead 
>> and milter-gris.
>>
>> Setup looked good, testing shows the milters are working as advertised. 
>> However, I am confused a bit on the use of the access file to control 
>> whitelist/blacklist on messages via the milters. Things such as 
>> milter-gris-Connect:, milter-gris-From:, and milter-gris-To:. I have 
>> read the docs but I may be just too dense to grasp the concepts.
>>
>> I can test at will so experimentation is ok, but I would like to know if 
>> there are any examples out there to look through. A cookbook, how-to, 
>> etc. I tried the archives and searched the usual places. No joy.
>>
>> Thanks,
>>
>> DAve
> 
> Hmmm, still confused. I have my test server running in VMWare inside my 
> NOC network. I am trying to send a test message from with the NOC. I 
> cannot seem to get milter-gris to whitelist. I have tried the following 
> which after reading several posts in the archives seems as it should work.
> 
> Connect:10.0.241.	OK
> milter-ahead-Connect:	REJECT
> 
> I would think that would whitelist milter-gris and still allow 
> milter-ahead to work. When I try to send a message I see in the log 
> where milter-gris reopens the /etc/mail/access.db file, as it should 
> since I remade it.
> 
> But still, milter-gris tells me to try again later. Any thoughts?

OK, had a few internal things to sort out, but it is working and now I 
am really confused. My access file looks like so,

Connect:10.0.241.	OK
milter-gris-Connect:	OK

Now milter-gris is not greylisting from 10.0.241.126 and milter-ahead is 
verifying from 10.0.241.126. This is what I want so I am getting a 
better understanding. However it seems to be backwards from how I read 
the docs.

Based on http://www.snertsoft.com/sendmail/milter-gris/ I understand the 
tags to be the following,

OK RELAY = yes, affirmative
REJECT ERROR = no, negative
SKIP = continue

Which jives with the above examples but that is not how I understood the 
docs. Reading archives helped, these messages made things somewhat clearer,

http://www.snert.com/Software/ecartis/index.php?go=/milters/2004-09/55
http://www.snert.com/Software/ecartis/index.php?go=/milters/2006-09/1147

Still testing, but so far I am making sense of it. The use of the access 
file is very powerful, better than milter-grey and our 
old-moldy-milter-ahead, which we had been using.

Thanks,

DAve


-- 
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?

Maybe they forgot who made that choice possible.

Lists Index Date Thread Search