install postgrey for postfix on Ubuntu

Saturday, 19 July 2008 at 16:14 UTC Leave a comment

Greylisting is yet another way for preventing your mailbox getting full of spam. A famous spam fighter software is spamassassin which filter emails. Greylisting won’t replace such softwares but it will behave as a powerful proactive barrier which will reduce the amount of spam getting through your mail server.

Greylisting is a great way for fighting spams, the basic idea out of it is that spammers mail servers are not respecting RFC standards specifications which basically says that when an email could not be delivered, the mail server should try again later on. By sending so many emails, spammers can’t afford to spend to much resources on resending emails when they could not be delivered, so if the email could not be delivered in the first place, they won’t send it back to you.

From this ideas, greylisting simply reject any untrusted mail domain by giving a 450 response code, which means “I can’t deal with your request now, please try again later”.
As spam mail server are not usually RFC compliant, they won’t try back and therefore you won’t get the spam.

Postgrey is a postfix policy server implementing greylisting.
It is really easy to integrate to postfix and is really effective.

step 1: install postgrey

apt-get install postgrey libnet-rblclient-perl libparse-syslog-perl libio-socket-ssl-perl

i got a warning during installation, but that can be ignored:
Warning: The home dir /var/lib/postgrey you specified can't be accessed: No such file or directory

step 2: add check_policy_service inet:127.0.0.1:60000 to /etc/postfix/main.cf

for example:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policy, check_policy_service inet:127.0.0.1:60000

step 3: reload postfix configuration

/etc/init.d/postfix reload

step 4: send a test mail and verify your /var/log/mail.log

first entry

Jul 19 18:13:58 MYHOST postgrey[10713]: action=greylist, reason=new, client_name=CLIENT_HOST, client_address=CLIENT_ADDRESS, sender=SENDER_EMAIL, recipient=RECIPIENT_EMAIL

second entry (some minutes later, depends on sender’s MTA)

Jul 19 18:20:20 MYHOST postgrey[10713]: action=pass, reason=triplet found, delay=382, client_name=CLIENT_HOST, client_address=CLIENT_ADDRESS, sender=SENDER_EMAIL, recipient=RECIPIENT_EMAIL

(optional) exclude some recipients from whitelisting

edit /etc/postgrey/whitelist_recipient and add e.g. YOURDOMAIN.COM to exclude this address from greylisting processing.

# postgrey whitelist for mail recipients
# --------------------------------------
# put this file in /etc/postgrey or specify its path
# with --whitelist-recipients=xxx

postmaster@
abuse@
YOURDOMAIN.COM

(optional) postgrey report

to get a postgrey report, simple run this command:

cat /var/log/mail.log | postgreyreport --nosingle_line --check_sender=mx,a --show_tries --separate_by_subnet="--------------------\n"

Reduce spam and enjoy postgrey!

Advertisements

Entry filed under: linux. Tags: , , , .

howto upgrade wordpress under ubuntu SpringSource Announces General Availability of SpringSource Enterprise

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


Categories


%d bloggers like this: