Don't greylist DSNs.

ban2zone.py

@@ -0,0 +1,16 @@
+#!/usr/bin/python2.4
+
+# Convert banned ip list to zonefile data suitable for use as a 
+# DNS blacklist with BIND.  This is a way to share your banned ips
+# with friends.
+
+import socket
+import sys
+from glob import glob
+
+banned_ips = [socket.inet_aton(ip) for fn in sys.argv[1:] for ip in open(fn)]
+banned_ips.sort()
+for ip in banned_ips:
+  a = socket.inet_ntoa(ip).split('.')
+  a.reverse()
+  print "%s\tIN A 127.0.0.2"%('.'.join(a))

bms.py

@@ -1,6 +1,9 @@
 #!/usr/bin/env python
 # A simple milter that has grown quite a bit.
 # $Log$
+# Revision 1.133  2008/10/09 18:44:54  customdesigned
+# Skip greylisting for good reputation.
+#
 # Revision 1.132  2008/10/09 00:55:13  customdesigned
 # Don't reset greylist timer on early retries.
 #
@@ -1163,6 +1166,7 @@ class bmsMilter(Milter.Milter):
               self.log("srs rcpt:",newaddr)
             self.dspam = False    # verified as reply to mail we sent
             self.blacklist = False
+            self.greylist = False
             self.delayed_failure = False
           except:
             if not (self.internal_connection or self.trusted_relay):
@@ -1231,7 +1235,7 @@ class bmsMilter(Milter.Milter):
     except:
       self.log("rcpt to",to,str)
       raise
-    if self.greylist and greylist:
+    if self.greylist and greylist and self.canon_from:
       # no policy for trusted or internal
       rc = greylist.check(self.connectip,self.canon_from,canon_to)
       if rc == 0:

milter.cfg

@@ -230,6 +230,6 @@ blind = 1
 
 [greylist]
 dbfile=greylist.db
-grey_time=10    # mins
+grey_time=5     # mins (Google retries in 5 mins)
-grey_expire=4   # hours
+grey_expire=6   # hours (some legit sites don't retry for 6 hours)
-grey_retain=36  # days
+grey_retain=36  # days (keep "first monday" type mailings on file)