>But after some time they can add new subnets, and I need spend time to
>to periodically check this and update rules.
You still don't get it - you do ***NOT*** have to add any rules, it
just happens automagically. You setup your policy to greylist using a
/20 or /23 mask on the sender IP and the greylisting will deal with
this without you having to setup a single sender specific rule.
>So, with this feature I will can disable mail delaying via greylist
>from gmail.com too with adding *.google.com to wildcard, because
>google have many smtp servers too:
>mail-bw0-f43.google.com
>mail-bw0-f67.google.com
>mail-fx0-f43.google.com
>mail-gw0-f43.google.com
>mail-gx0-f171.google.com
>mail-gy0-f171.google.com
>mail-pv0-f171.google.com
>mail-pv0-f195.google.com
>mail-pw0-f43.google.com
>mail-px0-f171.google.com
>mail-px0-f195.google.com
>mail-vw0-f43.google.com
>mail-vx0-f171.google.com
>mail-ww0-f53.google.com
>mail-yw0-f43.google.com
>smtp-out.google.com
2 209.85.160
2 209.85.161
3 209.85.212
1 209.85.213
2 209.85.214
1 209.85.220
1 216.239.44
1 72.14.224
2 74.125.121
1 74.125.82
3 74.125.83
Those servers are in a very small set of IP blocks. We receive mail
from gmail.Google and don't have any problems caused by this. I use
/24 for the subnet in the greylisting module. I've been using
greylisting for many years (at least 4 years just at home, longer at
work but I can't recall how long).
Perhaps it might help if you could show us a specific example where
the current greylisting setup isn't working.
It might also help if you posted your current greylisting policy.
In practice I've not had any problems with long delays caused by the
sender having a large pool of mailers. Problems caused by faulty
software, or bad configurations - plenty. And I've had some
interesting discussion with people who think it's my fault that mail
from their non-RFC compliant software is failing ... But none from
greylisting as such.
Doing a double lookup and then applying a policy based on the result
isn't supported in Policyd. However, if (as I advice against) you
apply the constraint that the reverse then forward lookups give you
the same result *prior* to calling Policyd then I can suggest a
workaround.
Configure two policies for inbound mail.
One should include members of a group, the other should exclude
members of that group - ie the two classes are mutually exclusive.
Now configure greylisting only for the policy which excludes the group.
Put the senders you want to avoid greylisting into the group and
they'll bypass greylisting altogether.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users
