Greylite is controlled by the following environment variables.
| Name | value | meaning |
|---|---|---|
| GREYLIST | none | if not set, greylisting is disabled and control is passed immediately to the smtpd transparently. If set, greylisting mediation is enabled. Besides existence, the value assigned to this variable is completely ignored. |
| LOGTHRESHOLD | integer | if set to an integer between 0 (LOG_EMERG) and 7 (LOG_DEBUG), log messages with priority strictly lower than this value are not reported. Otherwise, the default threshold is 3 (LOG_ERR). |
| SUSPICION | string | if set, its value indicates the full path to the suspicion file. |
| GEOIPDB_FILE | string | when using suspicion with GeoIP rules, the value of this variable is the full path and filename of the GeoIP database. If not set, greylite will look for /usr/local/share/GeoIP/GeoIP.dat. |
| GREETDELAY | none or integer | when set, greylite opens the connection immediately but introduces a small delay (by default 6 seconds) before actually sending any data to the client. If its value is a positive integer, it is the custom delay to wait, in milliseconds. |
For SQLite:
| Name | value | meaning |
|---|---|---|
| DBFILE | string | if set, its value indicates the full path to the database file to use. If not set, the default filename /var/db/greylite/greylite.db is used. |
For PostgreSQL (only in greylite ≥ 3.0):
| Name | value | meaning |
|---|---|---|
| DBRESOURCE | string | space-separated list of key=val pairs. Keys are: hostaddr (IP address of the server) or host (hostname of the server), port (port number), dbname (database to use), user (username to connect as) and password. Example: hostaddr=127.0.0.1 port=5432 dbname=greylite user=greylite password=mypass. See PostgreSQL connection strings for more information. |
For MySQL (only in greylite ≥ 3.0):
| Name | value | meaning |
|---|---|---|
| DBRESOURCE | string | list of connection parameters separated by :. In order: host:user:password:databasename:port:socket. Some fields may be left empty. |
Control variables are environment variables present in greylite's running environment.
Environment variables can be set by tcpserver. As soon as a connection arrives, tcpserver determines whether to accept it by looking up the client address in a rules file. For each client, a list of environment variables can be specified; tcpserver will set them right before running the service that will serve the connection (greylite).
Rule files are text files in tcprules format: a list of lines, each containing an address, an allow/deny action and possibly a list of environment variables:
```
# a comment
1.2.3.4:allow
# don't let 10.11.12.13 in
10.11.12.13:deny
5.6.7.8:allow,VARIABLE1="value1",VAR2="val2"
# a range from 1.2.1.* to 1.2.10.*
1.2.1-10.:allow,VAR="foo"
# default deny
:deny
```
A common configuration for greylite is this:
```
# for localhost and LAN users: be open relay (qmail) and do not greylist at all
127.0.0.1:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
# for everybody else, enable greylisting (with the proper other settings)
:allow,GREYLIST="",DBFILE="/var/db/greylite/greylite.db"
```
This rule file is meant to be compiled with:
```
cat rulesfile.txt | tcprules /etc/smtp.cdb /tmp/foo123.cdb
```
and meant to be used by tcpserver with the -x argument:
```
tcpserver -x /etc/smtp.cdb ...
```
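A rules file can be reviewed before it is compiled, since a rule that sets RELAYCLIENT or omits GREYLIST for outside addresses changes who may relay and who skips greylisting. The following Python check is an added example, not part of greylite or ucspi-tcp: `parse_rules`, `audit` and the `WEAK_CONFIG` sample are hypothetical, it handles only the rule syntax shown on this page, and the last check assumes tcpserver accepts clients that match no rule without setting any variables.

```python
import re

ENV = re.compile(r',(\w+)=(.)(.*?)\2')  # VAR="value"; the quote is the char after '='
# Loopback and RFC 1918 prefixes, matched against the rule's address text.
INTERNAL = re.compile(r'^(127\.|10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)')

def parse_rules(text):
    """Return [(address, action, env)] for each non-comment rule line."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        addr, _, rest = line.partition(':')
        action = rest.split(',', 1)[0]
        if action not in ('allow', 'deny'):
            raise ValueError(f'unrecognised rule: {line!r}')
        rules.append((addr, action, {m[1]: m[3] for m in ENV.finditer(rest)}))
    return rules

def audit(rules):
    """List rules that relay for, or skip greylisting of, non-local clients."""
    findings = []
    for addr, action, env in rules:
        if action != 'allow' or INTERNAL.match(addr):
            continue
        who = addr or 'default rule'
        if 'RELAYCLIENT' in env:
            findings.append(f'{who}: RELAYCLIENT set for a non-local address')
        if 'GREYLIST' not in env:
            findings.append(f'{who}: accepted without GREYLIST, greylisting skipped')
    if not any(addr == '' for addr, _, _ in rules):
        findings.append('no default rule: unmatched clients bypass greylisting')
    return findings

# The common configuration from this page.
PAGE_CONFIG = '''
127.0.0.1:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
:allow,GREYLIST="",DBFILE="/var/db/greylite/greylite.db"
'''
# Constructed weak configuration (documentation address ranges).
WEAK_CONFIG = '''
127.0.0.1:allow,RELAYCLIENT=""
203.0.113.:allow,RELAYCLIENT=""
198.51.100.7:allow
'''

if __name__ == '__main__':
    for name, cfg in (('page', PAGE_CONFIG), ('weak', WEAK_CONFIG)):
        print(name, audit(parse_rules(cfg)))
```

A finding for an explicitly listed outside address may be an intentional whitelist entry; the check only makes such entries visible for review.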