|
Size: 3285
Comment: Updated commands and paths to current pkgs, removed outdated notes about intrepid and jaunty, updated example outputs
|
Size: 3301
Comment: Correct missing argument in example cmd
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 45: | Line 45: |
| Postgrey also writes its own log entries with a bit of extra information. To see them, run e.g. {{{sudo grep -i postgrey | grep -i "action=greylist"}}}. Entries will look something like: | Postgrey also writes its own log entries with a bit of extra information. To see them, run e.g. {{{sudo grep -i postgrey /var/log/mail.log | grep -i action=greylist}}}. Entries will look something like: |
|
Needs Expansion |
Contents |
Introduction
Greylisting is a spam-reduction technique which can be very effective. It works by delaying mail from untrusted senders. If the sending mail server is standards-compliant, it will re-send the e-mail, and the server will accept it. Most spam mailers, however, don't re-send the mail, and so the spam is blocked. Servers that re-send the mail will be added to a white list, and will not be delayed in future. This means that the first e-mail from a given sender will be delayed, but subsequent ones will not be.
Installation
Simply install the postgrey package and any dependencies. Note that it is in the universe repository. See the InstallingSoftware page for more information on installing packages.
Configuration
You need to instruct postfix to use postgrey. You can either manually edit /etc/postfix/main.cf and on parameter smtpd_recipient_restrictions add check_policy_service inet:127.0.0.1:10023 or run the following command to configure Postfix to use Postgrey:
sudo postconf -e 'smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023'
Note: the port number has been known to vary depending on the version of the package. Fortunately, Postgrey prints the ports it is listening on when it starts. Have a look at /var/log/mail.log if you are unsure.
Then run the following to reload the Postfix configuration:
sudo postfix reload
You may need to modify the whitelisting of certain domains or users. To do so, use the files in /etc/postgrey/.
The default delay is 300 seconds (5 minutes), to change this value edit /etc/default/postgrey. Add --delay=N to the POSTGREY_OPTS:
POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=60"
In Use
Once Postgrey is running, entries will start to appear in /var/log/mail.log. To see the ones printed by Postfix, run sudo grep -i greylisted /var/log/mail.log. Entries will look something like:
Jul 24 16:00:57 mailserver postfix/smtpd[12524]: NOQUEUE: reject: RCPT from mail.server.com[1.2.3.4]: 450 4.2.0 <someone@somedomain.com>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/somedomain.com.html; from=<bounce-someone.else@anotherdomain.com> proto=ESMTP helo=<mail.server.com>
Postgrey also writes its own log entries with a bit of extra information. To see them, run e.g. sudo grep -i postgrey /var/log/mail.log | grep -i action=greylist. Entries will look something like:
Jul 24 16:00:57 mailserver postgrey[1420]: action=greylist, reason=new, client_name=mail.server.com, client_address=1.2.3.4, sender=bounce-mc.us11_12345678.998765-someone=somedomain.com@mail.server.com, recipient=someone@somedomain.com
In addition, e-mails that have been greylisted will have an X-Greylist header, e.g.:
X-Greylist: delayed 1541 seconds by postgrey-1.34 at mail.server.com; Sun, 24 Jul 2016 16:26:38 CEST