EmailServer.PostGrey History

Hide minor edits - Show changes to markup

Thursday 23 April 2009, at 01:37 GMT+8 by 192.168.0.101 -
Changed line 61 from:
to:
Sunday 08 March 2009, at 04:13 GMT+8 by 192.168.0.249 -
Changed line 61 from:
to:
Friday 23 January 2009, at 09:53 GMT+8 by 192.168.0.101 -
Added line 18:
Added line 23:
Added line 35:
Friday 23 January 2009, at 09:52 GMT+8 by 192.168.0.101 -
Changed lines 1-4 from:

ARTICLE TO BE COMPLETED (:description Adding greylinsting to our spamfighting arsenal. Greylisting will block most spam generated by zombie computers transformed into spam-spewing robots :)

Geylisting is a technique used to block bad mail clients of the sort used as spambots before they have a chance to dump their load into our mail server.\\

to:

(:description Adding greylisting to our spamfighting arsenal. Greylisting will block most spam generated by zombie computers transformed into spam-spewing robots :)

Introduction

Greylisting is a technique used to block bad mail clients of the sort used as spambots before they have a chance to dump their load into our mail server.\\

Added line 8:
Changed lines 16-20 from:

Getting postgrey There are ready-made packages for most distributions

http://www.greylisting.org/implementations/

to:

Installing postgrey

There are ready-made packages that come already preconfigured: (:source lang=:)

  1. yum -t postgrey
  2. chkconfig --levels 235 postgrey on

(:sourcend:) This will install in your /etc/postfix folder a few files that can be used to tweak postgrey's behaviour.
The postgrey_whitelist_clients.local is the only one that's really interesting: it allow you to include regular expressions that, if any incoming email match any of the rules, allow the email to pass through postgrey.

To find out the format of the rules, check the content of postgrey_whitelist_clients that already contains a few rules.

Any non-matching email will be at first rejected for a few minutes so its sending server can try again to submit it through.
On the second try, the email will pass through normally.

Setting up postfix

Postfix needs to be made aware of postgrey or it won't use it.
In your /etc/postfix/main.cf, make sure that you update the following policies: (:source lang=:) smtpd_recipient_restrictions =

  permit_mynetworks
  permit_sasl_authenticated
  reject_unauth_destination
  reject_invalid_hostname
  reject_unknown_sender_domain
  check_policy_service unix:/var/spool/postfix/postgrey/socket

(:sourcend:)

Then restart postfix and the postgrey services:

(:source lang=:)

  1. service postgrey restart
  2. service postfix restart

(:sourcend:)

Resources

  • http://postgrey.schweikert.ch/
  • http://www.greylisting.org/implementations/

< SpamAssassinImproved | EmailServer | SquirrelMail >

Tuesday 26 December 2006, at 15:45 GMT+8 by 202.60.234.212 -
Added line 1:

ARTICLE TO BE COMPLETED

Saturday 23 December 2006, at 03:35 GMT+8 by 202.60.234.212 -
Changed lines 14-17 from:

There are ready-made packages for most distributions

to:

There are ready-made packages for most distributions

http://www.greylisting.org/implementations/

Wednesday 20 December 2006, at 13:11 GMT+8 by 192.168.0.101 -
Added lines 1-14:

(:description Adding greylinsting to our spamfighting arsenal. Greylisting will block most spam generated by zombie computers transformed into spam-spewing robots :)

Geylisting is a technique used to block bad mail clients of the sort used as spambots before they have a chance to dump their load into our mail server.
Whenever a mail server connects to our server to deliver mail we will initially refuse the connection, asking them to retry a few minutes later. A normally behaved mail server will systematically retry. Postgrey will recognized the second attempt and will let it through. Most spammers don't have the luxury of keeping track of all the emails they have to resend and just move on to their next target. This is because sending email takes resources, and delaying and resending takes more resources than it's worth to them: their objectives is to dump as much spam as quickly as possible before their become blacklisted. Their window of opportunity is quite narrow.

Greylisting can be configured to let through some recipients or some servers that we know are friendly. At any rate you should not lose any mail because of greylisting: any mail sent through a RFC compliant (normal) mail server will end up being delivered.
The only downside to greylisting is that it introduces a short few minutes delay in mail delivery. I don't know about you, but given the recent spam increase, I can live with that!

Getting postgrey There are ready-made packages for most distributions

Design by N.Design Studio, adapted by solidGone.org (version 1.0.0)
Powered by pmwiki-2.2.0-beta65