message = Different profile, please retry
log_message = Only one profile at a time, please
+ # Set a flag to indicate whether the current recipient
+ # has explicitly requested greylisting
+ warn set acl_m_grey_recip = 0
+
+ warn local_parts = GREYLIST_LOCAL_PARTS
+ set acl_m_grey_recip = 1
+
# Defer after too many bad RCPT TO's. Legit MTAs will retry later.
# This is a rough pass at preventing address harvesting or other mail blasts.
defer
message = $sender_host_address is not yet authorized to deliver mail from <$sender_address> to <$local_part@$domain>.
log_message = greylisted.
- local_parts = GREYLIST_LOCAL_PARTS
+ condition = ${if or { \
+ {eq{$acl_m_grey_recip}{1}} \
+ {bool_lax{HAS_DEFAULT_OPTIONS}} \
+ } \
+ }
!senders = :
!hosts = : +debianhosts : WHITELIST : \
${if exists {/etc/greylistd/whitelist-hosts}\
condition = ${if !eq {$acl_m_prf}{PopconMail}}
!authenticated = *
domains = +handled_domains
- local_parts = GREYLIST_LOCAL_PARTS
+ condition = ${if or { \
+ {eq{$acl_m_grey_recip}{1}} \
+ {bool_lax{HAS_DEFAULT_OPTIONS}} \
+ } \
+ }
set acl_m_pgr = request=smtpd_access_policy\n\
protocol_state=RCPT\n\
protocol_name=${uc:$received_protocol}\n\
condition = ${if !eq {$acl_m_prf}{PopconMail}}
!authenticated = *
domains = +handled_domains
- local_parts = GREYLIST_LOCAL_PARTS
+ condition = ${if or { \
+ {eq{$acl_m_grey_recip}{1}} \
+ {bool_lax{HAS_DEFAULT_OPTIONS}} \
+ } \
+ }
condition = ${if eq{${uc:${substr_0_7:$acl_m_pgr}}}{PREPEND}}
message = ${sg{$acl_m_pgr}{\N^\w+\s*\N}{}}