Table of Contents

j-greyd - Greylist database server

Introduction

j-chkmail has two configuration options which control how they handle greylisting. The configuration option GREY_MODE can take value STANDALONE or CLIENT. In standalone mode the filter manages all greylisting data, while in client mode, it manages its own database, the same way as in standalone mode but when the information it needs isn't found locally, it contacts a greylisting server and ask him what to do. Also, when it updates some information locally, it signals the greylisting server.

The client mode is useful when you want to synchronize all your MXs, or if you have more than one main MX with the same weight.

Normally, the filter default configuration options are :

j-chkmail.cf

GREY_MODE                          CLIENT
GREY_SOCKET                        inet:2012@127.0.0.1

Some thoughs about the interest of using a centralized or distributed greylisting architecture can be find here

Configuration

j-greyd configuration options can be found at :

j-chkmail.cf

#
# Configuration options shared with j-chkmail
#
GREY_LOG_FILE                    file:j-grey-expire
GREY_MIN_DELAY_NORMAL            10m
GREY_MIN_DELAY_NULLSENDER        10m
GREY_MAX_DELAY_NORMAL            3d
GREY_MAX_DELAY_NULLSENDER        6h
GREY_VALIDLIST_LIFETIME          1w
GREY_WHITELIST_LIFETIME          2w
GREY_BLACKLIST_LIFETIME          1d
GREY_PENDING_NORMAL              1000
GREY_PENDING_NULLSENDER          1000
GREY_IP_COMPONENT                NET
GREY_FROM_COMPONENT              HOST
GREY_TO_COMPONENT                FULL
GREY_CLEANUP_INTERVAL            10m
GREY_DEWHITE_FLAGS               DomainMatch
#
# Configuration options exclusive to j-greyd
#
GREYD_SOCKET_LISTEN              inet:2012@0.0.0.0
GREYD_LOG_FACILITY               local6
GREYD_LOG_LEVEL                  10
GREYDDIR                         /var/jchkmail/jgreydb
GREYD_PID_FILE                   /var/run/jchkmail/j-greyd.pid
GREYD_CLIENT_IDLE_MAX            300

j-policy.txt

GreydAccess:default         REJECT
GreydAccess:127.0.0.1       OK
GreydAccess:10.3.5.5        OK

Running

Start-Up Script

Using j-ndc with j-greyd

You can use j-ndc the same way as you do with j-chkmail, if j-greyd is listening on an INET port. But j-greyd accepts much less commands than j-chkmail. Useful commands are :

j-ndc

# re-read j-chkmail configuration file
$ j-ndc -p 2015 reconfig
# re open j-policy database
$ j-ndc -p 2015 reopendb

Command line options

j-greyd -h

$ j-greyd -h
Usage : j-greyd options
  Joe's j-chkmail v2.0.0-090131
  Compiled on Feb  6 2009 21:44:45
        -h  : this message
        -u  : run j-greyd as USER - default = smmsp
        -g  : run j-greyd as GROUP - default = smmsp
        -s  : socket
              inet:2012@localhost
              local:/var/sock
        -a    client access control : "1.2.3.4,4.3.2.,11.22.33.44"
        -n  : ntuple definition : IP,FROM,TO
              IP   =  NONE | FULL | NET
              USER =  NONE | FULL | USER | HOST
              TO   =  NONE | FULL | USER | HOST
              DEFAULT = NET,HOST,FULL
        -t  : pending entries time constants : ta,tb,tc,td
              ta  = Min Pending delay - normal senders
              tb  = Max Pending delay - normal senders
              tc  = Min Pending delay - null senders
              td  = Max Pending delay - null senders
        -T  : valid entries time constants : tv,tw,tb
              tv  = valid entries lifetime
              tw  = whitelisted entries lifetime
              tb  = blacklisted entries lifetime
        -w  : working directory : default = /var/jchkmail/jgreydb
        -t  : 
        -v  : increase log level
        -d  : debug mode - run in foreground