On 2006-10-04 Yuri D'Elia <[EMAIL PROTECTED]> wrote: [...] > I assume you, like me, were using postgrey with exim and blindly > followed the instructions contained in the README. [...]
Hello, ccing upstream's mailing list. I based my setup on http://blog.mombe.org/systems/greylistexim.htm but applied some minor changes. http://www.bebt.de/blog/debian/archives/2006/07/30/T06_12_27/ > It turns out that postgrey requires the "instance" parameter, which > is given in postfix, but not in the supplied exim configuration example. > exim does not provide an identifier like this, but you can construct > one (see below). > How postfix can generate such an id properly is beyond me. > IMHO using "instance" is useless, as the message instance is > implicitly the "triplet" without subnet truncation. > This is the minimal required exim expansion: > set acl_m0 = request=smtpd_access_policy\n\ > client_address=$sender_host_address\n\ > client_name=$sender_host_name\n\ > sender=$sender_address\n\ > [EMAIL PROTECTED] > instance=$sender_host_address/$sender_address/ > [EMAIL PROTECTED] Quote http://www.postfix.org/SMTPD_POLICY_README.html#protocol | The "instance" attribute value can be used to correlate different | requests regarding the same message delivery. and an example value is "instance=123.456.7". Browsing the source code yields: src/smtpd/smtpd.h" VSTRING *instance; /* policy query correlation */ int seqno; /* policy query correlation */ "src/smtpd/smtpd.c" /* * No more early returns. The mail transaction is in progress. */ state->time = time((time_t *) 0); [...] vstring_sprintf(state->instance, "%x.%lx.%x", var_pid, (unsigned long) state->time, state->seqno++); I have not really wrangled with the source code, but this looks like instance identifies a command in a smtp session. This woud make it useful for a single purpose: Identifying a duplicate request, i.e. if postgrey was invoked for exactly the same triplett on exactly the same smtp session twice, due to some special configuration. Exim caches these lookups, therfore it should be a noop and instance=$pid.$tod_epoch.$sender_host_port would work. Hmm, unless postgrey indeed does something useful with instance, it should handle its absence: ----------------------------------- Quote postfix docs: When an attribute value is unavailable, the client either does not send the attribute, sends the attribute with an empty value ("name="), or sends a zero value ("name=0") in the case of a numerical attribute. ---------------------------- cu andreas -- The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal vision of the emperor's, and its inclusion in this work does not constitute tacit approval by the author or the publisher for any such projects, howsoever undertaken. (c) Jasper Ffforde -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
