View Single Post
  #1  
Old 27th June 2006, 00:12
erk erk is offline
Member
 
Join Date: Oct 2005
Location: Göteborg, Sweden
Posts: 41
Thanks: 0
Thanked 4 Times in 3 Posts
Default Killing that spam with greylisting using Postfix and Postgrey

Ever heard of greylisting?

Greylisting is a powerful way of reducing spam to your mailserver. Greylisting in short means that when someone wants to deliver a mail to your mailserver it will simply reply "Please come back later". That is something all RFC compliant mailservers do and when they do come back the mail is accepted. Most spammers and spam software are not compliant and not patient enough to try again. You will be surprised to see how effective this is. Anyway, follow the links below to really learn about it. There are as always pros and cons so do your homework before you put it on a production server.

Greylisting.org
Greylisting on Wikipedia

There are several implementations of greylisting and it can be done with most any server. I will show you how to do it on a Debian Sarge with Postfix running as MTA with Postgrey.

Install Postgrey

I assume you have a working Postfix installation. Requirements for postgrey are:
- Perl >= 5.6.0
- Net::Server (Perl Module)
- IO::Multiplex (Perl Module)
- BerkeleyDB (Perl Module)
- Berkeley DB >= 4.1 (Library)

First we install the postgrey package with :
Code:
apt-get install postgrey
This will install the postgrey server on your machine. Now we might want to change some settings. The most annoying thing with greylisting is that it impose a delay on the delivery of mails. I find the 5 minute delay that is default to be a little too long so I set it to 1 minute. If you wish you can change this by editing /etc/default/postgrey. Change the default :
Code:
POSTGREY_OPTS="--inet=127.0.0.1:60000"
to
Code:
POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=60"
However I would suggest changing the defaults only after you have verified that everything works as expected.

Now start the postgrey policyserver with :
Code:
/etc/init.d/postgrey start
The Postgrey policy service should now be up and running on port 60000. Let's configure Postfix to use Postgrey.

Configure Postfix

The Postfix configuration files are located in /etc/postfix. Edit /etc/postfix/main.cf and add check_policy_service inet:127.0.0.1:60000 to the smtpd_recipient_restrictions.
It should look something like this :
Code:
smtpd_recipient_restrictions = permit_sasl_authenticated,
                       permit_mynetworks,
                       reject_unauth_destination,
                       check_policy_service inet:127.0.0.1:60000
Now all we have to do is to reload the Postfix configuration with :
Code:
postfix reload
Simple and nice. Sit back and enjoy the absence of spam

//Erk

PS. This is really not a ISPC specific HowTo but I thought I would post it here first.

Last edited by erk; 27th June 2006 at 00:19.
Reply With Quote
Sponsored Links