218 the compangion L<exigrey> tool.) |
218 the compangion L<exigrey> tool.) |
219 |
219 |
220 The I<key> is mandotory, the default I<delay> is 600 seconds and the default I<db> |
220 The I<key> is mandotory, the default I<delay> is 600 seconds and the default I<db> |
221 is called F<seen>. |
221 is called F<seen>. |
222 |
222 |
223 I<Key> may contain a suffix, separated with '/'. This suffix is used for |
223 I<Key> may contain a suffix, separated by "/". This suffix is used for |
224 automatic whitelisting. |
224 automatic whitelisting. |
225 |
225 |
|
226 =item scalar B<seen>(I<key>, I<delay>, I<db>) |
|
227 |
|
228 The same as C<unseen()>, but with reversed result. |
|
229 |
226 =back |
230 =back |
|
231 |
|
232 =head1 EXAMPLES |
|
233 |
|
234 =head2 Greylisting |
|
235 |
|
236 First you have to include B<Exim::Grey> into your Exim. If Exim is built with Perl |
|
237 support, the configuration syntax allows for C<perl_startup>: |
|
238 |
|
239 perl_startup = use Exim::Grey qw(unseen); |
|
240 |
|
241 In the ACL section of the configuration can check if a given key (sender, or combination |
|
242 of sender and recipient, or whatever) is new (unseen): |
|
243 |
|
244 defer condition = ${perl{unseen}{<$sender_address>:$<local_part@$domain>}} |
|
245 |
|
246 If the same condition is checked more then I<delay> later, the C<unseen> function returns |
|
247 false. |
|
248 |
|
249 =head2 Greylisting + automatic whitelisting |
|
250 |
|
251 Greylisting gets annoying if you do it for senders that are already known to retry. Thus it might be |
|
252 good to maintain a whitelist. You may use a suffix to your key, separated by "/". Once the greylist |
|
253 filter is passed, the used suffixes are registered with the whitelist. |
|
254 |
|
255 t |
|
256 | |
|
257 0 a->b/x # a->b never seen, suffix never seen: greylist |
|
258 1 a->b/y # a->b again: accept AND put x and y to the whitelist, |
|
259 | # as they are known to retry |
|
260 2 c->b/x # c->b unknown, but x is already whitelisted: accept |
|
261 3 d->b/y # d->b unknown, but y is already whitelisted: accept |
|
262 | |
|
263 v |
|
264 |
|
265 This can be implemented in your ACL as: |
|
266 |
|
267 defer condition = ${perl{unseen}{<$sender_address>:$<local_part@$domain>/$sender_host_address}} |
|
268 |
|
269 But, if I<a> and I<b> are the sender and the recipient address, and the |
|
270 subkey is the sender host address, a spammer might send a forged message |
|
271 after t0, to get whitelisted. |
227 |
272 |
228 =head1 INTERNALS |
273 =head1 INTERNALS |
229 |
274 |
230 =head2 Format of the database |
275 =head2 Format of the database |
231 |
276 |