lib/Exim/Grey.pm
changeset 70 bb6af74ba8b2
parent 69 0f66e8a1364a
child 72 f095f28db247
equal deleted inserted replaced
69:0f66e8a1364a 70:bb6af74ba8b2
   218 the compangion L<exigrey> tool.)
   218 the compangion L<exigrey> tool.)
   219 
   219 
   220 The I<key> is mandotory, the default I<delay> is 600 seconds and the default I<db>
   220 The I<key> is mandotory, the default I<delay> is 600 seconds and the default I<db>
   221 is called F<seen>.
   221 is called F<seen>.
   222 
   222 
   223 I<Key> may contain a suffix, separated with '/'. This suffix is used for
   223 I<Key> may contain a suffix, separated by "/". This suffix is used for
   224 automatic whitelisting.
   224 automatic whitelisting.
   225 
   225 
       
   226 =item scalar B<seen>(I<key>, I<delay>, I<db>)
       
   227 
       
   228 The same as C<unseen()>, but with reversed result.
       
   229 
   226 =back
   230 =back
       
   231 
       
   232 =head1 EXAMPLES
       
   233 
       
   234 =head2 Greylisting
       
   235 
       
   236 First you have to include B<Exim::Grey> into your Exim. If Exim is built with Perl
       
   237 support, the configuration syntax allows for C<perl_startup>:
       
   238 
       
   239     perl_startup = use Exim::Grey qw(unseen);
       
   240 
       
   241 In the ACL section of the configuration can check if a given key (sender, or combination
       
   242 of sender and recipient, or whatever) is new (unseen):
       
   243 
       
   244     defer condition = ${perl{unseen}{<$sender_address>:$<local_part@$domain>}}
       
   245 
       
   246 If the same condition is checked more then I<delay> later, the C<unseen> function returns
       
   247 false.
       
   248 
       
   249 =head2 Greylisting + automatic whitelisting
       
   250 
       
   251 Greylisting gets annoying if you do it for senders that are already known to retry. Thus it might be
       
   252 good to maintain a whitelist. You may use a suffix to your key, separated by "/". Once the greylist
       
   253 filter is passed, the used suffixes are registered with the whitelist.
       
   254 
       
   255   t
       
   256   |
       
   257   0  a->b/x  # a->b never seen, suffix never seen: greylist
       
   258   1  a->b/y  # a->b again: accept AND put x and y to the whitelist,
       
   259   |          # as they are known to retry
       
   260   2  c->b/x  # c->b unknown, but x is already whitelisted: accept
       
   261   3  d->b/y  # d->b unknown, but y is already whitelisted: accept
       
   262   |
       
   263   v
       
   264 
       
   265 This can be implemented in your ACL as:
       
   266 
       
   267     defer condition = ${perl{unseen}{<$sender_address>:$<local_part@$domain>/$sender_host_address}}
       
   268 
       
   269 But, if I<a> and I<b> are the sender and the recipient address, and the
       
   270 subkey is the sender host address, a spammer might send a forged message
       
   271 after t0, to get whitelisted.
   227 
   272 
   228 =head1 INTERNALS
   273 =head1 INTERNALS
   229 
   274 
   230 =head2 Format of the database
   275 =head2 Format of the database
   231 
   276