# Simple guide to add "greylist" work with qmail

## ismark

INSTALL 

(1) install mail server, please reference https://forums.gentoo.org/viewtopic.php?t=171499

(2) download "qgreylist" from http://www.jonatkins.com/qgreylist/qgreylist-0.2.tar.gz

(3) tar zxvf qgreylist-0.2.tar.gz

(4) cp greylist /var/qmail/bin

(5) mkdir /var/qmail/greylist

(6) chown qmaild:qmail /var/qmail/greylist

(7) nano -w /var/qmail/control/conf-smtpd

  (7a) add QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} /var/qmail/bin/greylist" before QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r relays.ordb.org"

TEST

(1) send mail from other mail server

(2) ls /var/qmail/greylist

(3) read log from /var/log/mail

----------

## neenee

hm. since i do not know what greylisting is, i looked it up:

```
Greylisting is a new method of blocking significant amounts of spam at the mailserver level, but without resorting to heavyweight statistical analysis or other heuristical (and error-prone) approaches. Consequently, implementations are fairly lightweight, and may even decrease network traffic and processor load on your mailserver.

Greylisting relies on the fact that most spam sources do not behave in the same way as "normal" mail systems. Although it is currently very effective by itself, it will perform best when it is used in conjunction with other forms of spam prevention. For a detailed description of the method, see the Whitepaper.

The term Greylisting is meant to describe a general method of blocking spam based on the behavior of the sending server, rather than the content of the messages. Greylisting does not refer to any particular implementation of these methods. Consequently, there is no single Greylisting product.
```

more info can be found here.

----------

## ismark

It is SIMPLE but WORKABLE!!!!

After I apply it into my mail server, SPAM mail cut over 90%.

----------

## thinair

greylist with relay-ctrl  :

greylist must be after QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

like this :

QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} /var/qmail/bin/greylist"

----------

## Xeper

Hi guys

I know this topic is quite old but is greylist still alive?

I tried to use it on my system but I do fail because of "syslog".

Here are the problems (this appeared in /var/log/qmail/qmail-smtpd/current):

 *Quote:*   

> 
> 
> @400000004272285a061b703c getservbyname failed for tcp at /var/qmail/bin/greylist line 322
> 
> @400000004272285a062a933c unix dgram connect: No such file or directory at /var/qmail/bin/greylist line 322
> ...

 

Well line 322 in /var/qmail/bin/greylist says: syslog "debug", "running cleanup" if $debugmsg;

I checked the existence of Sys::Syslog and also merged dev-perl/Unix-Syslog (dunno if its necessary).

So it has something to do with perl and the system logger - mine is metalog. I've no clue about perl so I cant say.

Has someone experiences this problem?

Here some infos about my System:

mail-mta/qmail-1.03-r13

app-admin/metalog-0.8_pre20031130

dev-lang/perl-5.8.5-r5

(my system is mostly "stable" branch)

If someone needs further information, just ask.

thanks

----------

## mephman

 *thinair wrote:*   

> greylist with relay-ctrl  :
> 
> greylist must be after QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"
> 
> like this :
> ...

 

Am I right, if I think this is the only possibility to control relay? Please correct me if I'm wrong, but greylisting breaks SMTP-AUTH. Since this is done later in chain.

Or ist there any possiblity to run greylisting only, if there isn't done a successful SMTP-AUTH?

----------

## cerb

the new qgreylist supports this option.

but i have another tricky question:  my qmail apparently does not resend a message after it got greylisted by another server.  it receives the 450 error and the immediately states "giving up on ..:" in the log.  the mail simply vanishes - there is no error message, no mail to me saying that there was a delivery problem and no mail to the postmaster - the mail just disappears from the queue and is gone.

any suggestions??

----------

## Vieri

There's an ebuild for qgreylist but it hasn't entered portage yet.

https://bugs.gentoo.org/show_bug.cgi?id=107361

Feedback in bugzilla appreciated.

----------

## luker2701

 *Quote:*   

> 
> 
> (7) nano -w /var/qmail/control/conf-smtpd
> 
> (7a) add QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} /var/qmail/bin/greylist" before QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r relays.ordb.org" 
> ...

 

Why would one want to have greylisting before RBLs?  Wouldn't it make more sense to block known open-relays first, then greylist any connection that gets past the RBLs?

Here's an excerpt of my /var/qmail/control/conf-smtpd file.

```

# You might want to use rblsmtpd with this, but you need to fill in a RBL

# server here first, see http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more

# details

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r RBL-SERVER"

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r relays.ordb.org"

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r list.dsbl.org"

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r dnsbl.sorbs.net"

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r sbl.spamhaus.org"

# Add greylisting if the IP makes it past the spam/open-relay lists.

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} /var/qmail/bin/greylist"

```

----------

## Vieri

 *luker2701 wrote:*   

> 
> 
> Why would one want to have greylisting before RBLs?  Wouldn't it make more sense to block known open-relays first, then greylist any connection that gets past the RBLs?
> 
> 

 

The way I see it (correct me if I'm wrong) is that RBL lookups are "costly" networkwise. On the other hand, greylisting is "lightweight" and done locally. So that might explain the preferred order.

----------

## tminos

I would recommend looking into qpsmtpd as well.  Its a replace for qmail-smtpd written in Perl, and its very highly configurable and extensible.  I was able to switch without any of the 10,000 clients I have ever noticing.  The greylisting plugin it has along with its ability to call spamassassin over spamc/Unix socket reduced the load on my mailserver dramatically (I was using Qmail-Scanner).  I have at least a dozen plugins I've written myself to make management and monitoring easier too--I'd highly recommend giving it a try.

----------

## Vieri

Looks interesting especially since it integrates SPF, grelisting, etc.

Would be nice to have an ebuild for this... :Wink: 

----------

## Martz

I use greylisting with postfix and it rocks  :Very Happy:  Excellent solution, although there are some downsides - like some silly MTAs out there dont retry mail, and pools of smtp servers like hotmail which dont send from the same IP or address block every time.

RBL should be done before greylisting, while expensive - it rejects known spam before checking for spam. Its logical from a spam filtering point, rather than cost. RBL + greylisting  + requiring valid HELO will reduce a massive amount of spam.

----------

## plazmid

 *ismark wrote:*   

> INSTALL 
> 
> (7) nano -w /var/qmail/control/conf-smtpd
> 
>   (7a) add QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} /var/qmail/bin/greylist" before QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r relays.ordb.org"

 

The problem is in the following: if greylist is set before rblsmtd, then it works fine, but the rblsmtpd check is not reached.  In the same time, if greylist is set after rblsmtd, then both greylist and rblsmtpd works fine. What`s wrong?  Any idea?

p.s. there isn`t anything about rblsmtpd in smtd logs  (tail qmail/qmail-smtpd/current).

@40000000476225fd22a05f4c tcpserver: ok 10843 :192.168.0.3:25 sita.openmoko.org:88.198.124.203::43014

@40000000476225ff3212429c tcpserver: status: 2/40

@40000000476225ff32146d4c tcpserver: pid 10849 from 88.198.124.203

@40000000476225ff321fa84c tcpserver: ok 10849 :192.168.0.3:25 sita.openmoko.org:88.198.124.203::43025

@40000000476226013303789c qmail-spp (vpopmail_check_recipient.sh) [10853]:  xxx@xxx exists (vuserinfo).

@40000000476226032fed7284 qmail-spp (vpopmail_check_recipient.sh) [10878]:  xxx@xxx exists (vuserinfo).

@40000000476226041cfb2aa4 tcpserver: end 10843 status 0

@40000000476226041cfb2e8c tcpserver: status: 1/40

@400000004762260518af05ec tcpserver: end 10849 status 0

----------

