
greydaemon.8

Manvendra Bhangui edited this page Sep 4, 2022 · 1 revision

NAME

greydaemon - greylisting daemon

SYNOPSIS

greydaemon [ -u username ] [ -w whitelist ] [ -t timeout_days ] [ -g resend_window_hours ] [ -m min_resend_minutes ] [ -s save_interval_minutes ] ipaddr savefile

DESCRIPTION

greydaemon is a greylisting daemon responding to UDP query packets, typically sent by a modified qmail-smtpd. Queries consist of the sending IP address, the sender address and one or more recipient addresses.

If the IP address previously passed a greylisting check and was last queried within timeout_days, the check succeeds. Alternatively, if one of the supplied triplets of IP address / sender / recipient has previously been seen within resend_window_hours but at least min_resend_minutes ago, the check succeeds and future checks within resend_window_hours for the IP address will succeed. Otherwise the triplet(s) supplied are added to the greylisting database to check against future queries, and the check fails (meaning qmail-smtpd will reject the message).

greydaemon must be started as root but quickly changes its effective user/group id to that specified by username.

greydaemon maintains its database in memory, thus avoiding complicated schemes to manage greylisting data on disk, and is also faster than disk-based approaches. Nevertheless, periodic backups of the database are made to savefile on disk so that greydaemon can start with existing greylisting data if it restarts, such as when the machine is rebooted.

At start-up the file savefile is read. This contains the list of currently greylisted addresses; greydaemon writes a new savefile periodically (about every 10 minutes). This period can be changed by specifying the -s option. Since greydaemon runs as username, savefile and its containing directory should be writeable by username.

greydaemon listens on IP address ipaddr, port 1999 for incoming UDP queries. 127.0.0.1 (the loopback address) is recommended for ipaddr if greydaemon is to serve queries on the same machine.

OPTIONS

-u username
run as user username

-w filename
specify whitelist of IP ranges not subject to greylisting

-t days
timeout for known IPs in days; defaults to 7.

-g hours
grey resend window, in hours; defaults to 12.

-m minutes
min resend accept time, in minutes; defaults to 5.

-s minutes
save interval for context file, in minutes; defaults to 10.

QUERY FORMAT

Queries to greydaemon are UDP packets containing the IP address (as a string) preceded by I; the sender address preceded by F and the recipient address preceded by T. Each of these fields is separated by an ASCII 0 (null) character. Additional recipient addresses may be appended to this structure - each time preceded with T and with an ASCII 0 as separator.
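The packet layout above and the decision rule from DESCRIPTION, as an added Python sketch that is not greydaemon's own code. Assumptions: a trailing NUL is tolerated, an early retry does not restart a triplet's clock, a promoted IP is afterwards governed only by the -t timeout, and the names build_query, parse_query and Greylist are hypothetical.

```python
import ipaddress
import time

def build_query(ip, sender, recipients):
    # I<ip> NUL F<sender> NUL T<rcpt> [NUL T<rcpt> ...]
    fields = ["I" + ip, "F" + sender] + ["T" + r for r in recipients]
    return "\0".join(fields).encode()

def parse_query(packet):
    # Assumption: one trailing NUL is harmless; any other empty field is rejected.
    fields = packet.rstrip(b"\0").decode("utf-8").split("\0")
    if len(fields) < 3 or fields[0][:1] != "I" or fields[1][:1] != "F":
        raise ValueError("expected I<ip>, F<sender>, then one or more T<rcpt>")
    if any(f[:1] != "T" or len(f) < 2 for f in fields[2:]):
        raise ValueError("recipient fields must be T<rcpt>")
    ipaddress.ip_address(fields[0][1:])  # raises ValueError on a bad address
    return fields[0][1:], fields[1][1:], [f[1:] for f in fields[2:]]

class Greylist:
    def __init__(self, timeout_days=7, resend_window_hours=12, min_resend_minutes=5):
        self.timeout = timeout_days * 86400          # -t
        self.window = resend_window_hours * 3600     # -g
        self.min_resend = min_resend_minutes * 60    # -m
        self.known_ips = {}   # ip -> time of last query
        self.triplets = {}    # (ip, sender, rcpt) -> time first seen

    def check(self, packet, now=None):
        now = time.time() if now is None else now
        ip, sender, rcpts = parse_query(packet)
        last = self.known_ips.get(ip)
        if last is not None and now - last <= self.timeout:
            self.known_ips[ip] = now
            return True
        keys = [(ip, sender, r) for r in rcpts]
        ages = [now - self.triplets[k] for k in keys if k in self.triplets]
        if any(self.min_resend <= a <= self.window for a in ages):
            # Assumption: the IP is promoted and then ages out via timeout only.
            self.known_ips[ip] = now
            return True
        for k in keys:
            # Assumption: the clock restarts only once the resend window has lapsed.
            if k not in self.triplets or now - self.triplets[k] > self.window:
                self.triplets[k] = now
        return False

if __name__ == "__main__":
    gl = Greylist()  # constructed sample query using documentation addresses
    q = build_query("192.0.2.10", "a@example.org", ["b@example.net"])
    print([gl.check(q, now=t) for t in (0, 60, 600)])
```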

SEE ALSO

qmail-smtpd(8).

AUTHORS

greydaemon is written by John Levine. This man page is written by Andrew Richards.
