Greylite adheres the UCSPI interface. It is called by tcpserver and passed the communication sockets and several per-source-address environment variables that control its behaviour.
Greylite interfaces with the upstream server
in compliance with
the UCSPI interface. The ucspi2socket module can be used to
for interfacing to any socket-based interface – e.g. for
connecting via SMTP.
Greylite's behaviour is only controlled by environment variables. They can be either passed by tcpserver (see the tcprules format) or enforced by prepending greylite with /usr/bin/env.
Upon receiving the connection, greylite passes to the upstream server transparently if the GREYLIST environment variable is not set.
The sending address is looked up in the list of verified
addresses, those that passed the greylisting challenge once. If found,
greylite passes to the upstream server transparently.
Every time the sender has to be challenged, the upstream server is
contacted. This allows the client to exchange a true session
with the server, getting its true capabilities, possibly responses to
extended and custom commands etc.
The command session is supervised. Once the envelope data (MAIL FROM / RCPT TO commands) has been wrapped up, the communication between the client and the server is suspended.
The number of retrials the sender must pass is determined according to the suspicion ruleset.
If the number of delivery attempts for the current message is sufficient, the message is passed. Moreover, if the client is not suspicious, it is whitelisted.
Stale pending entries are pruned automatically after a default of 18 hours. Inactive verified servers are pruned automatically after 20 days.
