rmilter icon indicating copy to clipboard operation
rmilter copied to clipboard
verified publisher icon vstakhov

doesn't stop greylisting

Open chromerobv opened this issue 10 years ago • 7 comments

i recently upgraded to 1.6.5 and for some reason it will not stop greylisting items. i sent something over an hour ago and it still says to try again later.

Oct 18 22:53:36 c6 postfix/smtpd[17013]: connect from mail-ob0-f177.google.com[209.85.214.177] Oct 18 22:53:36 c6 postfix/smtpd[17013]: setting up TLS connection from mail-ob0-f177.google.com[209.85.214.177] Oct 18 22:53:36 c6 postfix/smtpd[17013]: Anonymous TLS connection established from mail-ob0-f177.google.com[209.85.214.177]: TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits) Oct 18 22:53:36 c6 postfix/smtpd[17013]: 6BAC0280100: client=mail-ob0-f177.google.com[209.85.214.177] Oct 18 22:53:36 c6 postfix/cleanup[16874]: 6BAC0280100: message-id=CABXkipAnsvew6Q=A8PxFm8kesBjoC5PqwGNdti6du1Ycp=GVjQ@mail.gmail.com Oct 18 22:53:45 c6 postfix/cleanup[16874]: 6BAC0280100: milter-reject: END-OF-MESSAGE from mail-ob0-f177.google.com[209.85.214.177]: 4.7.1 Service unavailable - try again later; [email protected] [email protected] proto=ESMTP helo=<mail-ob0-f177.google.com> Oct 18 22:53:45 c6 postfix/smtpd[17013]: disconnect from mail-ob0-f177.google.com[209.85.214.177]

the hard part is rmilter no longer shows up in any of my logs. normally when i start it i see something in my maillog that says: Oct 18 22:51:01 c6 rmilter[16865]: main: starting rmilter version 1.6.5 Oct 18 22:51:01 c6 rmilter[16865]: reload_thread: starting...

and then more rmilter log entries as things happen, now nothing.

...here is my config

http://pastebin.com/yJB31avw

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

chromerobv avatar Oct 19 '15 02:10 chromerobv

What are the MTA source IP addresses for the first and subsequent attempts of sending.

vstakhov avatar Oct 19 '15 12:10 vstakhov

with 1.7.2, greylisting does not work.
milter-reject: END-OF-MESSAGE from f5nat-luu.hard.ware.fi[178.217.130.7]: 4.7.1 Try again later; [email protected] to:x@y proto=ESMTP helo=<mta-out-12.luukku.com> attempts were made Jan 24 11:10:39, Jan 24 11:30:51, Jan 24 11:51:50, Jan 24 12:33:50, Jan 24 13:57:51, Jan 24 16:45:51, Jan 24 22:21:54, Jan 25 09:34:01. memcached has been running since 20 Jan.

Safari77 avatar Jan 25 '16 08:01 Safari77

I also have greylisting trouble with google. As explained in https://support.google.com/mail/answer/180063?hl=en, google may never use the initial IP in subsequent retries.

What about using a fingerprint ( e.g md5 of subject + return-path + to + date headers ) instead of IP address as greylist key ?

Or, as suggested by google, be able to add whole domains to greylisting's whitelist ?

vixns avatar Feb 29 '16 18:02 vixns

Rmilter already stores data hash for that purposes.

vstakhov avatar Mar 01 '16 11:03 vstakhov

It seems that I've found an issue with data hash greylisting. It should be fixed by now.

vstakhov avatar Mar 01 '16 14:03 vstakhov

Something is still not right with greylisting. I (still) use memcached, and messages get greylisted over and over again. Source IP, message ID and spamd scan result are identical, but greylisting_check_hash reports different hashes (and hence adds a new record).

rmilter 1.7.5 on Ubuntu.

agners avatar Mar 21 '16 05:03 agners

I've investigated this issue and it turns out that it is related to memcached. Switching to redis should help.

vstakhov avatar Apr 14 '16 08:04 vstakhov