Post Grey
EmailServer.PostGrey History
Hide minor edits - Show changes to markup
< SpamAssassin | EmailServer | SquirrelMail >
< SpamAssassin | EmailServer | RoundCube >
< SpamAssassin | EmailServer | SquirrelMail >
ARTICLE TO BE COMPLETED (:description Adding greylinsting to our spamfighting arsenal. Greylisting will block most spam generated by zombie computers transformed into spam-spewing robots :)
Geylisting is a technique used to block bad mail clients of the sort used as spambots before they have a chance to dump their load into our mail server.\\
(:description Adding greylisting to our spamfighting arsenal. Greylisting will block most spam generated by zombie computers transformed into spam-spewing robots :)
Introduction
Greylisting is a technique used to block bad mail clients of the sort used as spambots before they have a chance to dump their load into our mail server.\\
Getting postgrey There are ready-made packages for most distributions
http://www.greylisting.org/implementations/
Installing postgrey
There are ready-made packages that come already preconfigured: (:source lang=:)
- yum -t postgrey
- chkconfig --levels 235 postgrey on
(:sourcend:)
This will install in your /etc/postfix
folder a few files that can be used to tweak postgrey's behaviour.
The postgrey_whitelist_clients.local
is the only one that's really interesting: it allow you to include regular expressions that, if any incoming email match any of the rules, allow the email to pass through postgrey.
To find out the format of the rules, check the content of postgrey_whitelist_clients
that already contains a few rules.
Any non-matching email will be at first rejected for a few minutes so its sending server can try again to submit it through.
On the second try, the email will pass through normally.
Setting up postfix
Postfix needs to be made aware of postgrey or it won't use it.
In your /etc/postfix/main.cf
, make sure that you update the following policies:
(:source lang=:)
smtpd_recipient_restrictions =
permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_invalid_hostname reject_unknown_sender_domain check_policy_service unix:/var/spool/postfix/postgrey/socket
(:sourcend:)
Then restart postfix and the postgrey services:
(:source lang=:)
- service postgrey restart
- service postfix restart
(:sourcend:)
Resources
- http://postgrey.schweikert.ch/
- http://www.greylisting.org/implementations/
ARTICLE TO BE COMPLETED
There are ready-made packages for most distributions
There are ready-made packages for most distributions
http://www.greylisting.org/implementations/
(:description Adding greylinsting to our spamfighting arsenal. Greylisting will block most spam generated by zombie computers transformed into spam-spewing robots :)
Geylisting is a technique used to block bad mail clients of the sort used as spambots before they have a chance to dump their load into our mail server.
Whenever a mail server connects to our server to deliver mail we will initially refuse the connection, asking them to retry a few minutes later.
A normally behaved mail server will systematically retry. Postgrey will recognized the second attempt and will let it through.
Most spammers don't have the luxury of keeping track of all the emails they have to resend and just move on to their next target. This is because sending email takes resources, and delaying and resending takes more resources than it's worth to them: their objectives is to dump as much spam as quickly as possible before their become blacklisted. Their window of opportunity is quite narrow.
Greylisting can be configured to let through some recipients or some servers that we know are friendly.
At any rate you should not lose any mail because of greylisting: any mail sent through a RFC compliant (normal) mail server will end up being delivered.
The only downside to greylisting is that it introduces a short few minutes delay in mail delivery.
I don't know about you, but given the recent spam increase, I can live with that!
Getting postgrey There are ready-made packages for most distributions