[Greylist-users] Whitelisting

Jose-Marcio Martins da Cruz Jose-Marcio.Martins at ensmp.fr
Mon Dec 6 12:41:11 PST 2010


durwin at mgtsciences.com wrote:
>> You need the mail_from column, not rcpt_to in order to whitelist a 
>> domain.  You would use rcpt_to to whitelist a specific recipient.
> 
> I've done more testing and this is what I have determined.  Please let me 
> know if I am correct or not.
> 
> If I want to white list a domain my office is sending to, I use rcpt_to?

You don't need to whitelist addresses you're sending mail to.

> If I want to whitelist a domain my office is receiving email from, I use 
> mail_from?

You shall whitelist the IP addresses related to these domains.

> If this is true, there does not seem to be any way to use domain named to 
> whitelist receiving mail.  This means IP addresses must be used.  For 
> testing I used hotmail.com.  I did 'dig hotmail.com MX' and found the mail 
> exchange addresses.  But when I sent mail from hotmail, the IP connected 
> with was not even in the list I found.  Am I missing a method to figure 
> out which IP addresses must be entered to whitelist?

MX records tells you who to contact when you want to send a message to. Ther's no RFC nor no DNS 
entry used to tell you from which IP address messages from some domain come from (well, there are 
things like SPF, but this isn't reliable).

The best suggestion I can give you is to dig your logs. E.g. if you want to whitelist messages from 
navy.mil, do a "grep navy.mil" on your MTA logs and you'll probably find most IP addresses you need 
to whitelist.

-- 



More information about the Greylist-users mailing list