Enable greylisting in Postfix using Postgrey on Debian

Greylisting is a new weapon to use against spam in this great war being waged upon it. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email clients!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a “try again later”-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again – but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. Now let’s install postgrey

apt-get install postgrey

Configure Postfix (pico /etc/postfix/main.cf)
Add “check_policy_service inet:127.0.0.1:60000” to the list recipient restrictions The list may look similar to this one:

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000

Reload the Postfix daemon

ban2
postfix reload

By default postgrey delays all messages for 5 minutes. To change this, edit the postgrey configuration file (pico /etc/default/postgrey) Change POSTGREY_OPTS so that it read something like this:

POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=60"

The delay is specified in number of seconds. When you have changed the value, restart the daemon

/etc/init.d/postgrey restart
ban3

Leave a Reply

Your email address will not be published. Required fields are marked *