Table of Contents
ze-greyd - Greylist database server
Introduction
ze-filter has two configuration options which control how they handle greylisting. The configuration option GREY_MODE can take value STANDALONE or CLIENT. In standalone mode the filter manages all greylisting data, while in client mode, it manages its own database, the same way as in standalone mode but when the information it needs isn't found locally, it contacts a greylisting server and ask him what to do. Also, when it updates some information locally, it signals the greylisting server.
The client mode is useful when you want to synchronize all your MXs, or if you have more than one main MX with the same weight.
Normally, the filter default configuration options are :
GREY_MODE CLIENT GREY_SOCKET inet:2012@127.0.0.1
Some thoughs about the interest of using a centralized or distributed greylisting architecture can be find here
Configuration
ze-greyd configuration options can be found at :
- /etc/ze-filter/ze-filter.cf - ze-greyd can share the main configuration file for ze-filter and has its own configuration section.
# # Configuration options shared with ze-filter # GREY_LOG_FILE file:ze-grey-expire GREY_MIN_DELAY_NORMAL 10m GREY_MIN_DELAY_NULLSENDER 10m GREY_MAX_DELAY_NORMAL 3d GREY_MAX_DELAY_NULLSENDER 6h GREY_VALIDLIST_LIFETIME 1w GREY_WHITELIST_LIFETIME 2w GREY_BLACKLIST_LIFETIME 1d GREY_PENDING_NORMAL 1000 GREY_PENDING_NULLSENDER 1000 GREY_IP_COMPONENT NET GREY_FROM_COMPONENT HOST GREY_TO_COMPONENT FULL GREY_CLEANUP_INTERVAL 10m GREY_DEWHITE_FLAGS DomainMatch # # Configuration options exclusive to ze-greyd # GREYD_SOCKET_LISTEN inet:2012@0.0.0.0 GREYD_LOG_FACILITY local6 GREYD_LOG_LEVEL 10 GREYDDIR /var/ze-filter/ze-greydb GREYD_PID_FILE /var/run/ze-filter/ze-greyd.pid GREYD_CLIENT_IDLE_MAX 300
- ze-policy.txt database - ze-greyd shares (read-only mode) this database with ze-filter. Sharing this database ease the management of data used by greylisting filter. Other than the data shared with ze-filter you can define ze-greyd access data :
GreydAccess:default REJECT GreydAccess:127.0.0.1 OK GreydAccess:10.3.5.5 OK
- /etc/default/ze-greyd - this is a
shscript called when launching ze-greyd. You can define here some environment variables used by ze-greyd.
- Command line options - some configuration options are are available as command line options. Most of them are there for historic reasons - it's better to use the shared configuration file to specify configuration options. See
ze-greyd -hfor all available options.
Running
Start-Up Script
- /etc/init.d/zegreyd
Using ze-ndc with ze-greyd
You can use ze-ndc the same way as you do with ze-filter, if ze-greyd is listening on an INET port. But ze-greyd accepts much less commands than ze-filter. Useful commands are :
# re-read ze-filter configuration file $ ze-ndc -p 2015 reconfig # re open ze-policy database $ ze-ndc -p 2015 reopendb
Command line options
- -h
$ ze-greyd -h Usage : ze-greyd options Joe's ze-filter v2.0.0-090131 Compiled on Feb 6 2009 21:44:45 -h : this message -u : run ze-greyd as USER - default = smmsp -g : run ze-greyd as GROUP - default = smmsp -s : socket inet:2012@localhost local:/var/sock -a client access control : "1.2.3.4,4.3.2.,11.22.33.44" -n : ntuple definition : IP,FROM,TO IP = NONE | FULL | NET USER = NONE | FULL | USER | HOST TO = NONE | FULL | USER | HOST DEFAULT = NET,HOST,FULL -t : pending entries time constants : ta,tb,tc,td ta = Min Pending delay - normal senders tb = Max Pending delay - normal senders tc = Min Pending delay - null senders td = Max Pending delay - null senders -T : valid entries time constants : tv,tw,tb tv = valid entries lifetime tw = whitelisted entries lifetime tb = blacklisted entries lifetime -w : working directory : default = /var/ze-filter/ze-greydb -t : -v : increase log level -d : debug mode - run in foreground
