Hi yet again!
"Quick and dirty" method of installation section of README says "adjust bley.conf and run bley". I configured bley.conf and ran "./bley". It gave me:

Traceback (most recent call last):
  File "./bley", line 323, in <module>
    bley_start()
  File "./bley", line 209, in bley_start
    settings.listen_addr = config.get('bley', 'listen_addr')
  File "/usr/lib/python2.6/ConfigParser.py", line 532, in get
    raise NoSectionError(section)
ConfigParser.NoSectionError: No section: 'bley'

But when I tried "./bley -c bley.conf", it started with no complaint. Maybe I did it wrong, or maybe you should update the README.

usefull for seeking bugs etc

currently known: Debian/Ubuntu, Arch.

I am using Debian Wheezy. If I restart bley I am getting following error message:

[....] Restarting intelligent greylisting daemon for Postfix: bley/usr/bin/bley:171: Warning: Table 'bley_status' already exists
dbc.execute(__CREATE_DB_QUERY)
. ok

I use bley on two postfix servers with the postgresql database on a third server. I had three time this problem (with the same sender) :

• postfix recieve a message with this long (289 character) and wrong sender :
  from=<{[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]>

• bley log this error :
  bley: check_local_db failed. sending unknown.

• the database log this error :
  2017-03-08 10:58:17 CET [76508]: [1-1] user=bley,db=bley ERROR: value too long for type character varying(254)
  2017-03-08 10:58:17 CET [76508]: [2-1] user=bley,db=bley STATEMENT: INSERT INTO bley_status (ip, status, last_action, sender, recipient) VALUES('37.61.217.110', 0, '2017-03-08T10:58:17.430562'::timestamp, '{[email protected]|[email protected]|mta365@enggpublic
  ation.net|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]|[email protected]', '[email protected]')
  2017-03-08 10:58:18 CET [76508]: [3-1] user=bley,db=bley ERROR: current transaction is aborted, commands ignored until end of transaction block

• till it was restarted, bley log this error to all requests to the database:
  "bley: check_local_db failed. sending unknown."

All messages greylisted are refused, that's cause a kind of denial of service.

My mysql bley_log is created but when bley runs.. the disk log shows;

2019-04-02 13:44:53,231 bley: decided CACHED action=DEFER_IF_PERMIT This server employs greylisting as a means of reducing spam. Your message has been delayed and will be accepted later. (cached result), [email protected], [email protected]

but the sql log table does not get update.

I have the bley.conf file doing:

Where to save the log file?

#log_file = syslog
log_file = /var/log/bley.log

I didn't see a log to sql table option. I see where it's supposed to do:

    def dump_log(self):
        query = '''INSERT INTO bley_log (logtime, ip, sender, recipient,
                action, check_dnswl, check_dnsbl, check_helo, check_dyn,
                check_db, check_spf, check_s_eq_r, check_postmaster,
                check_cache)
                VALUES(%(time)s, %(ip)s, %(from)s, %(to)s, %(action)s,
                %(DNSWL)s, %(DNSBL)s, %(HELO)s, %(DYN)s, %(DB)s,
                %(SPF)s, %(S_EQ_R)s, %(WHITELISTED)s, %(CACHE)s)'''

but I don't see it doing that... or giving me an error.

Hi, this is a great utility and I have been using it for the last year but an issue is bugging me and I don't know how to run tests. It would be nice to have a minimum of documentation about testing.
In my mail.log file I get:

Feb 7 01:13:54 vps postfix/smtpd[24005]: warning: problem talking to server 127.0.0.1:1337: Connection refused

But bley is running according to ps -aux | grep bley:

bley 26463 0.0 3.5 103812 36472 ? S 02:57 0:00 /usr/bin/python3 /usr/local/bin/bley -p /var/run/bley/bley.pid -c /etc/bley/bley.conf -c /etc/bley/dbconfig-common.conf

So I would like to know if bley is responding to requests so I ran:

>>> import test.test_bley
>>> tc = test.test_bley.BleyTestCase()
>>> tc.test_zzz_greylisting()

<DeferredList at 0x7efc4d416898>

What is that DeferredList ?
Is there any way to do a simple test to see if bley is responding on 127.0.0.1:1337 ?

Thank you,

Since Twisted 12.3, trial supports -j as make does, use it to run our tests in parallel.

There is a possible fix in infoxchange@400b046, but I do not like the code.

However, we'll still end up with datetime.datetime.now(), as databases seem to suck.

are all options properly documented?
is bleygrapher documented?

Start bley (rev 87b2fbb) with mysql enabled (first time):

Starting up
Traceback (most recent call last):
File "/usr/bin/bley", line 331, in
bley_start()
File "/usr/bin/bley", line 280, in bley_start
dbc.execute(__CREATE_DB_QUERY)
File "/usr/lib64/python2.6/site-packages/MySQLdb/cursors.py", line 173, in execute
self.errorhandler(self, exc, value)
File "/usr/lib64/python2.6/site-packages/MySQLdb/connections.py", line 36, in defaulterrorhandler
raise errorclass, errorvalue
_mysql_exceptions.OperationalError: (1071, 'Specified key was too long; max key length is 1000 bytes')

Title says it all. :)

Calling python setup.py install with python 3 leads to the following error:

  File "setup.py", line 38, in <module>
    (systemd_unit_path(), ['bley.service'])
  File "/usr/lib/python3.6/distutils/core.py", line 148, in setup
    dist.run_commands()
  File "/usr/lib/python3.6/distutils/dist.py", line 955, in run_commands
    self.run_command(cmd)
  File "/usr/lib/python3.6/distutils/dist.py", line 974, in run_command
    cmd_obj.run()
  File "/usr/lib/python3.6/site-packages/setuptools/command/install.py", line 61, in run
    return orig.install.run(self)
  File "/usr/lib/python3.6/distutils/command/install.py", line 557, in run
    self.run_command(cmd_name)
  File "/usr/lib/python3.6/distutils/cmd.py", line 313, in run_command
    self.distribution.run_command(command)
  File "/usr/lib/python3.6/distutils/dist.py", line 974, in run_command
    cmd_obj.run()
  File "/usr/lib/python3.6/distutils/command/install_data.py", line 60, in run
    dir = change_root(self.root, dir)
  File "/usr/lib/python3.6/distutils/util.py", line 149, in change_root
    return os.path.join(new_root, pathname[1:])
  File "/usr/lib/python3.6/posixpath.py", line 92, in join
    genericpath._check_arg_types('join', a, *p)
  File "/usr/lib/python3.6/genericpath.py", line 151, in _check_arg_types
    raise TypeError("Can't mix strings and bytes in path components") from None
TypeError: Can't mix strings and bytes in path components

UnixApplicationRunner is "special", we do not want all that magic Twisted does for us.

So in X-Greylist there are information about the blocking time - like postgrey do it.

Simple test case:

#!/usr/bin/perl -w

use strict;
use IO::Socket::INET;

my $sock = IO::Socket::INET->new( PeerAddr => "127.0.0.1", PeerPort => 1337,
        Proto => "tcp");

if($sock->connected()) {
    print $sock "helo_name=mail-fx0-f49.google.com\n";
    print $sock "sender=foobar\@gmail.com\n";
    print $sock "recipient=user\@example.org\n";
    print $sock "client_address=209.85.161.49\n";
    print $sock "client_name=gmail.com\n\n";
    shutdown($sock, 1); # We have stopped writing data

    while(my $line = <$sock>) {
        $line =~ s/\r/\\r/g;
        $line =~ s/\n/\\n/g;
        print "IN: ".$line."\n";
    }
}
close($sock);

Try it with and without the shutdown();

Just an FYI: the ACL you describe in your documentation will apply to all users of the exim server (if the server has clients using it to send out mail, they will have to deal with getting greylisted).

I recommend adding these lines:

  !senders       = :
  !authenticated = *
         domains = +local_domains 

This exempts empty senders (Delivery Status Notifications), authenticated users, and makes the greylisting only take effect for the "local_domains" domains (e.g. the ones you 'receive' mail for).

sometimes it is useful to check whether a new sender is from a known subnet (e.g. in the case when an ISP has multiple outgoing MX).

/24 for IPv4 and /64 for IPv6 are possibly good default values

requested by rubber ([email protected]) in #Froxlor @ freenode

Hi again!
When I tried to run bley having installed only twisted-core of twisted libraries, it gave me this error:

Traceback (most recent call last):
  File "./bley", line 58, in <module>
    from bley import BleyPolicyFactory
  File "/home/ebrahim/downloads/evgeni-bley-6c55290/bley.py", line 29, in <module>
    from twisted.names import client
ImportError: No module named names

But after I installed twisted-names, it ran successfully and reported no error. I think you should explicitly mention twisted-names in dependencies.

This is just a minor issue for directory structure. There are some points that i want to mention:

• source codes belongs to a separate directory so if there is a src folder containing all the source code then it would be nice.
• examples should be in a separate directory named exmaples
• License should also be included for your project to help others know how to use your source code. I would suggest MIT license would be best for this.

Just some tweaks to improve directory structure. 😄 😸

• postgres/mysql share many settings
• most getters will fail if an optin is not set, fix that?

Trying to verify that bley is working like I expect. The bley_status.status value is not easily explained.
1 seems to be that a valid SPF record was found and no extra delay was added.
2 seems to indicate that a 450 message was sent saying try again later but the client never did.
not sure what 0 is exactly. I see it for things that did not get a 450 message but don't seem to have a valid SPF record either.

would be helpful if these values were documented / explained.

The last release was a bit more than 3 yeahr ago. Debian still uses 0.15 and it got broken because twisted got updated and bley is not running any more.

The RFC says

Client software MUST check the A record and MAY check the TXT record.

But bley only checks that there was no NXDOMAIN. Some DNSxLs return NOERROR with 0 records (rbl.realtimeblacklist.com is such one). This results in false positives.