. When using multiple MX, the sequence of delivery attempts can
become complicated, and if the sending MTA does not try all the MX servers, the delivery can be much
longer. milter-greylist has a multi-MX sync feature, that enable the database to be shared by all the
. In order to minimize the impact of greylisting, each time a message is accepted,
the triplet (sender IP, sender e-mail, recipient-email) gets autowhitelisted for a configurable period
(the default is one day). Newer messages matching the same triplet will pass through with no delay.
This feature can be disabled.
Roaming users and SMTP AUTH support
. You do not want to greylist your roaming users. milter-greylist
supports SMTP AUTH, so that authenticated users can bypass the greylisting action. Alternatively, if you
do not use SMTP AUTH but the "POP before SMTP" paradigm, you can feed milter-greylist a dynamic whitelist
of IP addresses generated on the fly as users connect to your POP service. "POP before SMTP" refers to the
successful authentication which requires users to fetch mail before sending.
. Internet IPv6 address is fully supported.
. Milter-greylist enables you to specify what messages should be whitelisted and
what message should be greylisted using access-lists (ACL). You can specify complex conditions on
sender IP, sender DNS address, sender e-mail address, and recipient e-mail address. Regular expressions
milter-greylist uses main memory to hold its database, which result in very fast operation. However,
in case of a system crash, the database is lost. In order to avoid that, a database checkpoint is
regularly dumped to a text file. This text file is read at milter-greylist restart, to resume
operation at the last checkpoint. You can tune the dump frequency in order to fit your
dedicated server environment.
This section describes several useful configuration and greylisting tips. These tasks can be completely
automated with scripts.
Make sure greylisting is working.
Set up the dump file frequency.
Whitelist known recipients.
Blacklist known recipients.
Selective greylist time setting (2 hours).
Run milter-greylist under a specific Linux user name.
Search for emails accepted (stat=Sent).
Search for relaying denied.
If milter-greylist was built with support for GeoIP (-with-libGeoIP) it's possible to perform greylisting
based on the country of origin. Example from greylist.conf that would greylist mail from Russia is provided.