# This whitelist takes the whitelist at greylisting.org as a starting # point. I note that most sources for the entries in this file seem # to date from about 2004, although some are still relevant. A notable # exception is the whitelist from the greylite package found here, # http://www.greylite.net/downloads/extras/whitelisted.rules # # I think things have changed recently - in particular the problem # areas for greylisting are now 'cloud' services like Gmail and # Facebook that may retry the same delivery from many different IP # addresses. I've included some of these domains below and some other # 'problem' domains I'm aware of. # # SPF can be a useful tool to populate this file where domains publish # their SPF records. Also very useful is dnswl.org which lists known # valid senders by category - this is really good for giving IP # addresses for e.g. banks and travel sites so that these can skip # greylisting (since a greylisting delay may be more problematic for # these types of sites). # # Personally I think the dnswl.org categories 2, 7 and 14 (financial, # travel/leisure, retail/wholesale/services resp.) are well worth # considering for inclusion with the view that these may be delivering # time-sensitive emails (so a greylisting delay is unwelcome). # # The dnswl.org data comes in various formats including 'generic'. If # you want to use all the data as a whitelist you could do the following # which will produce a whitelist in greydaemon-friendly format with each # entry followed by a comment to indicate what's being whitelisted, # # awk 'BEGIN {FS=";"}{print $1"\t#"$4}' generic-dnswl > file.out # # or if you want just a particular category like education (category 11), # # awk 'BEGIN {FS=";"}$2==11{print $1"\t#"$4}' generic-dnswl > file.out # # The older entries in this file really need testing to see which of # the services still exist and are still broken re. retries. # # It may be worth adjusting greydaemon to make use of services like # dnswl.org via the DNS (even if dnswl.org data served locally). # # (Andrew Richards, 18th August 2009 acrconsulting.co.uk) # # From greylisting.org/whitelist.shtml 127.0.0.1 # Of course we don't want to delay ourselves or local users 192.168 # Don't delay our private networks either 10 # Private net (class A) 172.16/12 # Another private net # Public Servers 12.5.136.141 # Southwest Airlines (unique sender, no retry) 12.5.136.142 # Southwest Airlines (unique sender, no retry) 12.5.136.143 # Southwest Airlines (unique sender, no retry) 12.5.136.144 # Southwest Airlines (unique sender, no retry) 12.107.209.244 # kernel.org mailing lists (high traffic, unique sender per mail) 63.82.37.110 # SLmail 63.169.44.143 # Southwest Airlines (unique sender, no retry) 63.169.44.144 # Southwest Airlines (unique sender, no retry) 64.7.153.18 # sentex.ca (common pool) 64.12.137 # AOL (common pool) - http://postmaster.aol.com/servers/imo.html 64.12.138 # AOL (common pool) 64.124.204.39 # moveon.org (unique sender per attempt) 64.125.132.254 # collab.net (unique sender per attempt) 64.233.162 # zproxy.gmail.com (common server pool, bad 451 handling?) 64.233.170 # rproxy.gmail.com (common server pool, bad 451 handling?) 64.233.182 # nproxy.gmail.com (common server pool, bad 451 handling?) 64.233.184 # wproxy.gmail.com (common server pool, bad 451 handling?) 65.82.241.160 # Groupwise? 66.94.237 # Yahoo Groups servers (common pool, no retry) 66.100.210.82 # Groupwise? 66.162.216.166 # Groupwise? 66.206.22.82 # PLEXOR 66.206.22.83 # PLEXOR 66.206.22.84 # PLEXOR 66.206.22.85 # PLEXOR 66.218.66 # Yahoo Groups servers (common pool, no retry) 66.218.67 # Yahoo Groups servers (common pool, no retry) 66.218.69 # Yahoo Groups servers (common pool, no retry) 66.249.82 # gmail (common server pool, bad 451 handling) 66.27.51.218 # ljbtc.com (Groupwise) 66.89.73.101 # Groupwise? 68.15.115.88 # Groupwise? 72.14.204 # qproxy.gmail.com (common server pool, bad 451 handling?) 152.163.225 # AOL (common pool) 194.245.101.88 # Joker.com (email forwarding server) 195.235.39.19 # Tid InfoMail Exchanger v2.20 195.238.2 # skynet.be (wierd retry pattern, common pool) 195.238.3 # skynet.be (wierd retry pattern, common pool) 204.60.8.162 # Groupwise? 204.107.120.10 # Ameritrade (no retry) 205.188.139.136 # AOL (common pool) 205.188.139.137 # AOL (common pool) 205.188.144.207 # AOL (common pool) 205.188.144.208 # AOL (common pool) 205.188.156.66 # AOL (common pool) 205.188.157 # AOL (common pool) 205.188.159.7 # AOL (common pool) 205.206.231 # SecurityFocus.com (unique sender per attempt) 205.211.164.50 # sentex.ca (common pool) 207.115.63 # Prodigy (broken software that retries continually with no delay) 207.171.168 # Amazon.com (common pool) 207.171.180 # Amazon.com (common pool) 207.171.187 # Amazon.com (common pool) 207.171.188 # Amazon.com (common pool) 207.171.190 # Amazon.com (common pool) 209.104.63 # Ticketmaster (poor retry config) 209.132.176.174 # sourceware.org mailing lists (high traffic, unique sender per mail) 211.29.132 # optusnet.com.au (wierd retry pattern and more than 48hrs) 213.136.52.31 # Mysql.com (unique sender) 216.136.226.0 # Yahoo Mail? 216.157.204.5 # Groupwise? 216.239.56 # proxy.gmail.com (common server pool, bad 451 handling?) 217.158.50.178 # AXKit mailing list (unique sender per attempt) # From package relaydelay 0.04 whitelist_ip.txt - entries not already above 205.188.156 # AOL # And found this on http://lists.puremagic.com/pipermail/greylist-users/2003-November/000327.html #66.218.66 # Yahoo groups has unique senders (duplicates entry above) 65.77.130.228 # Bogofilter-dev mailing list has unique senders. # Additional entries from http://www.wyae.de/docs/greylisting/ 66.35.250.168 # Freshmeat does not retry # Additional Yahoogroups 66.94.237 # Yahoogroups 195.92.246.182 # Yahoogroups # Non-numeric: #returns.groups.yahoo.com # Yahoogroups (already included within the Yahoo Groups ranges above) #.scd.yahoo.com # Yahoogroups # Own entries: # Nominet automaton doesn't seem to retry: 213.248.201 195.66.240 # BlueYonder (now Virgin Media) webspace: zisp mailer script doesn't retry, 195.188.213.0/28 # Gmail retries from many different addresses, so best whitelisted, # can determine a suitable list of addresses by doing a DNS txt # lookup on _spf.google.com ... note that it looks like Gmail has # improved in its behaviour towards greylisting, nowadays seeming to # exhibit some affinity to the same IP address for retrying deliveries. 216.239.32.0/19 64.233.160.0/19 66.249.80.0/20 72.14.192.0/18 209.85.128.0/17 66.102.0.0/20 74.125 64.18.0.0/20 207.126.144.0/20 # Ebay addresses to avoid possible delays from greylisting (drawn from dnswl.org), 66.135.195.180/31 66.135.197 66.135.209 66.135.215 66.211.161 194.64.234.151 212.222.51.169 216.33.244.6/31 216.33.244.84 216.33.244.96/28 216.113.167.215 216.113.168.128 216.113.175.152/31 # Facebook (derived from SPF), 204.15.20.0/22 69.63.176.0/20 # Hotmail (SPF-derived), 64.4.0.0/18 64.41.193.0/24 65.54.128.0/17 65.55.111.0/24 65.55.34.0/24 65.55.90.0/24 65.59.232.0/23 65.59.234.0/24 65.52.0.0/14 131.107.0.0/16 157.54.0.0/15 157.56.0.0/14 157.60.0.0/16 167.220.0.0/16 199.2.137.0/24 199.103.90.0/23 204.79.135.0/24 204.79.188.0/24 204.79.252.0/24 204.182.144.0/24 204.255.244.0/23 204.95.96.0/20 206.138.168.0/21 207.46.0.0/16 207.68.128.0/18 207.68.192.0/20 207.82.250.0/23 207.82.252.0/23 209.1.15.0/24 209.1.112.0/23 209.240.192.0/19 209.185.128.0/23 209.185.130.0/23 209.185.240.0/22 216.32.180.0/22 216.32.240.0/22 216.33.148.0/22 216.33.151.0/24 216.33.236.0/22 216.33.240.0/22 216.34.51.0/24 216.200.206.0/24 # Add your own data here - such as from dnswl.org