

8.3 Configuration file format

The configuration file used by dgrey is usually stored in /etc/dgrey/config. It follows a simple syntax, where each line is in the format "key = value". Empty lines and lines that start with ‘#’ are ignored.

The following types of values are used below:

Boolean value
Either ‘true’ or ‘false’.
String value
A list of arbitrary characters (a string). String values may be quoted using double quotes. In quoted strings the backslash may be used to escape characters.
String list
A comma-separated list of strings, which each may be quoted. Please note that currently all strings must be found on the same line as the configuration key.
Positive integer value
A number, which also may be zero, but not negative.
Duration value
A time duration, which is a positive integer with a unit specification: ‘d’ for days, ‘h’ for hours, ‘m’ for minutes, ‘s’ for seconds. You can also combine multiple units, for example:
          60s
          1m
          1d 8h 30s

Here is an example configuration file:

     debug = true
     log-file = "/var/log/dgrey.log"
     reconnect-time = 20s
     whitelist-client-files = /etc/dgrey/whitelist_clients, "/etc/dgrey/whitelist_clients.local"

A complete example configuration file is included in the source code archive.

The accepted keys are as follows:

debug
(Boolean value, false by default.) If set to true, more information is logged.
exim
(Boolean value, false by default.) If set to true, policy access connections are closed immediately after the answer is sent. This is supposedly necessary for exim.
database-dir
(String value, unset by default. Required.) Specify the path of the database directory. Normally this is specified as /var/lib/dgrey.
local-listen
(String value, unset by default.) Specify what port and optionally host name or IP address to listen on for local connections. The format is [ip address or hostname:]port, for example:
          local-listen = 10000
          local-listen = localhost:10000
          local-listen = 127.0.0.1:10001
          local-listen = 0.0.0.0:10002

A local connection does not require a password, so normally the IP address is specified as ‘127.0.0.1’. Specifying ‘0.0.0.0’ makes dgrey listen on all IP addresses. Also note that policy access connections from the mail transfer agent are made to the local dgrey socket, as they do not support passwords.

public-listen
(String value, unset by default.) Specify what port and optionally host name or IP address to listen on for public connections. See ‘local-listen’ for format. A public connection requires a password, and is therefore not suitable for mail transfer agents. However, dgrey nodes do connect over the public socket to synchronize database contents.

If ‘public-listen’ is specified, ‘auth-key’ must be specified as well.

log-file
(String value, "-" by default.) Specify the path of the log file. This file will be appended to (and created if necessary). If this is specified as "-" then dgrey will log to standard output. This can also be specified as the empty string, in which case no logging will be done.

You can combine this option with ‘log-syslog’ to enable logging to a file/standard out as well as the syslog.

log-syslog
(Boolean value, false by default.) If set to true, logging is done to syslog as well. dgrey logs to the ‘DAEMON’ facility.

You can combine this option with ‘log-file’.

auth-key
(String value, unset by default.) Specify authentication key to use for public connections. This key should be the same among all poll hosts.
poll-hosts
(String list, the empty list by default.) A list of poll hosts, that is, hosts to connect to and synchronize database contents with. Specify a comma-separated list of IP address/hostname and ports, in the format ip address or hostname:port, ... Example:
          poll-hosts = mail1:10001, mail2:10002
          poll-hosts = 192.168.0.10:1050, 192.168.0.11:1050

reconnect-time
(Duration value, 60 seconds by default.) Specify time between reconnect attempts to poll hosts. When a poll host is disconnected this timer will start. You can use the reconnect-poll-hosts command to force a reconnection attempt immediately.
keep-alive-time
(Duration value, 60 seconds by default.) A byte of data is sent on all outgoing poll connections at this interval in order to detect dead connections. Connections can become stale if, for instance, VPN tunnels go down.
keep-alive-max-lost
(Positive integer value, 3 by default.) If more than this many keep alive packets are lost, then close the connection and force a new connection attempt.
greylist-min-time
(Duration value, 5 minutes by default.) Minimum time between the first and last mail delivery attempt before the mail is accepted. This is the main "greylist time".
greylist-max-time
(Duration value, 2 days by default.) Maximum time between the first and last mail delivery attempt for it to be considered a successful greylisted delivery.
greylist-purge-time
(Duration value, 30 days by default.) Delete greylist records older than this.
awl-count
(Positive integer value, 5 by default.) Number of successful e-mail deliveries required before the sender is added to the auto-whitelist database.
awl-min-time
(Duration value, 1 hour by default.) Minimum time to wait between successful greylist deliveries before the auto-whitelist counter is increased.
awl-purge-time
(Duration value, 30 days by default.) Delete auto-whitelist records older than this.
lookup-by-host
(Boolean value, false by default.) This option determines whether the sending server's IP address, which is part of the key for the greylisting database record, should be generalized or not. Generalizing here means zeroing the last octet of the IP address. Setting this option to false prevents this from happening.

XXX This option is actually copied from Postgrey. See the Postgrey documentation for a better description...

listen-queue-size
(Positive integer value, 0 by default.) This is the maximum length the queue of pending connections may grow to.
prepend-header
(Boolean value, true by default.) If true, prepend the X-Greylist header when a message is accepted but was delayed due to greylisting. If false, accept the message but do not prepend a header.
hostname
(String value, the system's host name by default.) The host name to send in X-Greylist header.
whitelist-client-files
(String list, by default whitelist_clients and whitelist_clients.local in the system directory.) Files to read client whitelist rules from. Files specified here that do not exist are silently ignored. See Whitelist file format, for information on the format of these files.
whitelist-recipient-files
(String list, by default whitelist_recipients and whitelist_recipients.local in the system directory.) Files to read recipient whitelist rules from. Files specified here that do not exist are silently ignored. See Whitelist file format, for information on the format of these files.
greylist-message
(String value, by default "You are being greylisted for %s seconds".) The message to send in the SMTP session when an e-mail is greylisted.
greylist-action
(String value, by default "DEFER_IF_PERMIT".) The action to send to the mail exchange when a message is greylisted.
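
A small linter for the file format and the listener rules described above, as an added example that is not part of dgrey or its documentation: it parses "key = value" lines with quoted, comma-separated values, then flags a ‘public-listen’ without ‘auth-key’ and a ‘local-listen’ that is not explicitly bound to loopback. The function names and the sample file are assumptions; how dgrey itself treats a port-only ‘local-listen’ or a backslash outside quotes is not stated on this page.

```python
def split_values(value):
    """Split on commas outside double quotes; inside quotes a backslash escapes the next char."""
    items, cur, quoted = [], "", False
    chars = iter(value)
    for c in chars:
        if quoted and c == "\\":
            cur += next(chars, "")
        elif c == '"':
            quoted = not quoted
        elif c == "," and not quoted:
            items, cur = items + [cur.strip()], ""
        else:
            cur += c
    if quoted:
        raise ValueError("unterminated quoted string")
    return items + [cur.strip()]

def parse_config(text):
    """Return {key: [values]}; blank lines and '#' comment lines are skipped."""
    conf = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"line {n}: expected 'key = value'")
        conf[key.strip()] = split_values(value)
    return conf

def audit(conf):
    """Apply the page's listener rules; returns a list of findings (empty means clean)."""
    first = lambda k: conf.get(k, [""])[0]
    out = []
    if first("public-listen") and not first("auth-key"):
        out.append("public-listen is set but auth-key is missing")
    host = first("local-listen").rpartition(":")[0]
    if first("local-listen") and host not in ("127.0.0.1", "localhost"):
        out.append("local-listen is passwordless and not explicitly bound to loopback")
    return out

SAMPLE = """\
# constructed sample input, not a shipped dgrey configuration
local-listen = 0.0.0.0:10002
public-listen = 10001
whitelist-client-files = /etc/dgrey/whitelist_clients, "/etc/dgrey/odd,name.local"
"""

if __name__ == "__main__":
    for finding in audit(parse_config(SAMPLE)):
        print("WARN:", finding)
```

On the constructed sample this reports both findings; a file with ‘local-listen = 127.0.0.1:10001’ and an ‘auth-key’ alongside ‘public-listen’ passes clean.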