Reducing Spam with milter-greylist

milter-greylist is a sendmail milter which implements the greylist filtering method, as proposed by Evan Harris.

Greylisting works by assuming that, unlike legitimate MTA, spam engines will not retry sending their junk mail on a temporary error. The filter will always reject mail temporarily on a first attempt, then accept it after some time has elapsed.

So this method of greylisting works very well if used with a combination of DNS-Based Blacklisting as the spammer would have gotten blacklisted in several real-time distributed black lists before the second attempt and effectively reducing spam emails.

Below is an outline of quickly building and installing the greylist milter and configuring sendmail to use the milter. This was done on a RHEL3 box.

  1. Install sendmail-devel (to include libmilter) along with flex and bison rpm packages.
    # up2date --install sendmail-devel flex bison

  2. Download the stable release and build rpm of milter-greylist.
    Reference: rpmbuild
    $ wget
    $ rpmbuild -tb milter-greylist-2.0.2.tgz

  3. Once the rpm is built, install via:
    # rpm -ivh milter-greylist-2.0.2-1.i386.rpm

  4. Setup it up to startup at boot:
    # chkconfig milter-greylist on

  5. Go through the default "/etc/mail/greylist.conf" configuration file, edit it and add addr lines for at least localhost and all your local network addresses. Here is an example:
    acl whitelist addr
    acl whitelist addr
    acl whitelist addr

    Type "man greylist.conf" for more information on the syntax.

  6. Start and test the milter. Check the maillog for any errors...
    # tail -f /var/log/maillog
    # services start milter-greylist

  7. Modify file to configure sendmail to use the milter.

    Note: The single quotation marks are not all the same -- the first quotation mark in each pair is a backquote, the second is an apostrophe.
    The line should be placed just after the dnsbl checks to work effectively. Here is how mine currently looks like:
    # Start DNSBL BlockList
    FEATURE(`dnsbl', `', `"554 Rejected "$&{client_addr}" - see"')dnl
    FEATURE(`dnsbl', `', `"554 Spam blocked - see"$&{client_addr}')dnl
    FEATURE(`dnsbl', `', `"554 Rejected "$&{client_addr}" - see"')dnl
    FEATURE(`dnsbl', `', `"554 Rejected "$&{client_addr}" - see"')dnl
    FEATURE(`dnsbl', `', `"554 Rejected "$&{client_addr}" - see"')dnl
    # End DNSBL BlockList
    # Start Greylisting
    INPUT_MAIL_FILTER(`greylist', `S=local:/var/milter-greylist/milter-greylist.sock')dnl
    # End Greylisting

  8. Use m4 to rebuild your file from your modified file.
    # m4 /etc/mail/ > /etc/mail/

  9. Restart sendmail:
    # service sendmail restart

  10. Try sending mail from another server and check "/var/log/maillog" file for 'Greylisting in action' to verify the installation.
    # grep 'Greylisting in action' /var/log/maillog

With greylisting in place, I have about a couple emails that get through the milter but is effectively tagged as SPAM by SpamAssassin and has my Inbox free of Spam!!

Related Links:

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Announcing dnsbl

Spamhaus now have a new BL name called that will replace sbl-xbl.

"zen" will include sbl+xbl and also "pbl" list, which is a list of "Non-MTA IP address ranges set by the block owner's outbound mail policy". So an ISP/email admin can voluntarily submit a range of IP's on their network which are not allowed to send email.

Here's a brief from their site:

ZEN is the combination of all Spamhaus DNSBLs into one single powerful and comprehensive blocklist to make querying faster and simpler. It contains the SBL, the XBL and the new PBL blocklist.

Caution: replaces

If you are currently using you can now replace 'sbl-xbl' with 'zen' ( will eventually become obsolete and may in the future be withdrawn from service). should now be the only DNSBL in your configuration. You should not use ZEN together with other Spamhaus blocklists or you will simply be wasting DNS queries and slowing your mail queue.

You can get more info at:

i386 RHEL3 milter-greylist rpm download

Here's the md5sum with download link:

eb448ba2ab1af64d366e75e16d7f976a -- milter-greylist-2.0.2-1.i386.rpm


Built with smmsp user on RHEL3:

# rpmbuild -tb --define "build_user smmsp" milter-greylist-3.0.tgz

0e93358a6292462766df031b6861ff15 milter-greylist-3.0-1.i386.rpm

SIM module for milter-greylist

If you are using SIM to monitor your services, then below is simple "greylist.mod" you can add to the modules folder to monitor milter-greylist:

serv_init $init_name $run_name 3

Turn the monitoring on by specifying it in the mods.control file:

init.greylist on