graymilter - simple graylist mail filter module

Fetch version 1.26. Release notes.

Sendmail includes a facility for plugging in custom mail filters, called milters. It's documented here. Graymilter uses this facility to implement graylisting. This is an idea invented by Evan Harris in 2003. Basically, the first time someone tries to send you mail, you send back a temporary failure response. A real email system will put the mail into a queue and re-try it later, at which time the address will have graduated from the graylist to the whitelist, so the mail will get through. However, spam engines and worms do not have real email systems. They are optimized for sending out mass quantities of mail, and they generally do not implement re-trying. Therefore mail from those sources will not get through.

The advantages of graylisting are that it's very simple, it requires zero maintenance, and it will never block any real mail. The disadvantage is that it delays mail. However, people you correspond with every day will stay in the whitelist and will get through immediately. For other folks, well, the delay is brief.

In Evan's original concept, a listing would consist of three data items: the source IP address, the envelope sender address, and the envelope recipient address. Graymilter implements a simplified version of the idea, using only the source IP address. These can be stored much more efficiently, so graymilter can be used on sites with very high traffic.

Release Notes

Version 1.26, 14oct2005: Version 1.25, 03aug2005: Version 1.24, 20jun2005: Version 1.23, 06jun2005: Version 1.22, 31may2005: Version 1.21, 03feb2005: Version 1.20, 02feb2005: Version 1.10, 29nov2004: Version 1.00, 28nov2004:


This is very abbreviated, intended mainly as a reminder for those who have worked with milters before. If it's your first milter, you should look on the web for more thorough documentation. Also, these instructions are pretty specific to FreeBSD, and will have to be adapted for other OSs.

  1. Make sure your sendmail is compiled with the MILTER option. (Starting with version 8.13 this is enabled by default.) You can use this command to check:
    sendmail -d0.1 -bt < /dev/null | grep MILTER
    If you don't see MILTER in the compilation options, you will have to re-build sendmail.
  2. Build and install the graymilter executable, by doing a 'make install'.
  3. Edit your and add a mail filter macro, for example:
    INPUT_MAIL_FILTER(`graymilter',`S=unix:/var/run/graymilter.sock, T=S:4m;R:4m')
    Rebuild and install
  4. Run graymilter, with the same socket argument you used in
    # graymilter unix:/var/run/graymilter.sock
  5. Stop and re-start sendmail.
  6. Look in /var/log/maillog for messages from graymilter.
  7. When you've verified that it's working, add lines to your /etc/rc.conf so it starts up at boot time:

See also:
blackmilter, spfmilter, sfcmilter, sample_milter.
Evan Harris's page on graylisting.
milter-greylist, another graylist milter.
milter-gris, another graylist milter.
Back to ACME Labs Software.
Back to ACME Labs.