What is greylite?
It is a SPAM filter that is easy to install and maintain, has good
effectiveness and no false positives.
Is it free?
greylite is open source software. It is released with a BSD
license, it can be used and redistributed for private or
commercial activities free of charge.
How much SPAM does it cut? Is it worth it?
See greylite effectiveness
(mind the Y scale logarithmic) and see installation
timings.
Is there any support for greylite?
If the docs do not solve your problems contact mij@bitchx.it.
How secure is greylite?
Several practices have been used from the design down to the
implementation and up again to the release policy for this. I use the
software myself on my servers. Nonetheless, no guarantees are given and
the author is not responsible for any damage you could incur related to
the use of the software.
Where to report bugs and request features to?
E-mail mij@bitchx.it.
I like greylite, can I help?
There are some notes in the appreciators page.
What systems does it work with?
It works on UNIX with any SMTP server. With qmail, it interfaces
directly. With any SMTP server, it proxies it.
Does it support SMTP auth?
Yes. Greylite recognizes and passess AUTHenticated deliveries without intervention.
Would – non-standard command – pass through
greylite?
Yes. Because of the way it works, greylite supervises the command
session transparently and just intervenes after it has intercepted the
sender/recipient out of it.
What about performance?
I don't have specific data. It sustains 15 connections per second
without sensible load on a dual CPU FreeBSD server I control. If you
have numbers on load intensive servers please let me know.
My current mailserver does greylisting on its own. Should I
consider greylite?
It may be worth it because greylite has sensibly better effectiveness
in cutting SPAM and less delays with respect to standard greylisting
implementations. You can plug greylite in front of your mailserver
without even taking care to disable your server's own greylisting (but
be neat and reasonable and disable it).
Where are the log files?
In compliance with other UCSPI tools, greylite dumps the logging
information on its standard error stream. Thus, when run with qmail
you find greylite's logging in the same log files as qmail-smtpd.
When run as a reverse SMTP proxy for other servers, you can redirect
this information to a log file with:
tcpserver ... 2>>/var/log/greylite.log
How big can the database get?
This depends on several parameters. The space-taking part of the data
stores the delivery attempts. If many spammers attempt deliveries, and
never achieve the verification phase, this table grows. These entries
are automatically pruned with a certain frequency (approximately 1 time
every 800 writes by default). Pruning deletes entries that are older
than a certain threshold (no new attempts for 18 hours by default).
As a rule of thumb, the database doesn't usually get bigger than 5000
entries. A SQLite database of this kind takes approximately 5
MegaBytes.
If you need to modify the frequency of pruning or the window for stale
entries, adjust the values of the DB_CLEANUP_PERIOD and
STALE_PENDING_ENTRIES_PERIOD constants in the source file
db.h, then recompile and reinstall.
Mail from domains with plenty of smtp servers (gmail, yahoo etc) is always delayed.
As far as I know greylite is the only implementation capable to address this
problem. See the practical matters page.
I get Query failed ... unable to open database file
from tcpserver's logs
sqlite requires write access to the directory where the
database file is held. Write permission on the database file itself is
not sufficient.
Verify that the user greylite runs as has write permission on both the
.db file and its holding directory.
How can I test it's working?
See testing greylite.
Reverse DNS
rules do not work in my rule chain, I always get
Unable to get PTR for address '1.2.3.4'.
You are using the -H flag in tcpserver, which means
to disable reverse DNS resolution.
I get tcpserver: end XYZ status 11
from these from
tcpserver's logs, and the server doesn't respond
You have softlimit set with too strict limits. Greylite must
load the sqlite library and possibly the GeoIP library, adjust the
limit by taking this into account.
In the logs I find messages like Client '1.2.3.4' dropped
the connection
and Error in read():
...
and Read timeout reached for socket 0,
client 1.2.3.4
: what's wrong?
Nothing is wrong. The connection is unexpectedly closed, that is the
usual behaviour of the most stupid bulk mailers. Use this tools to
ascertain: timeout-percent.sh,
timeout-servernames.sh.
Do I need a default rule in the suspicion ruleset?
You don't. If you do, whitelisting will be never applied and every
server will be required to pass greylisting every time.
I have set a rule for greetdelay in the suspicion file, but when I
connect the server responds immediately without pause.
You must also enable greetdelay with the corresponding
GREETDELAY environment variable, see controls.
I use qmailrocks
with the JMS
patch for the
STARTTLS command, and sessions are closing
(hanging).
The author of the patch has his own point
about this problem. Greylite doesn't contain known bugs yet that
can explain this incompatibility on its side. Users report that
accessing the upstream server in proxy mode instead of wrapper fixes
the problem.