Enable greylisting in Postfix using Postgrey

Greylisting is a new weapon to use against spam in this great war being waged upon it. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email clients!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a “try again later”-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again – but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

Now let’s install postgrey
apt-get install postgrey


Configure Postfix (pico /etc/postfix/main.cf)
Add “check_policy_service inet:127.0.0.1:60000” to the list recipient restrictions

The list may look similar to this one:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000


Reload the Postfix daemon
postfix reload


By default postgrey delays all messages for 5 minutes. To change this, edit the postgrey configuration file (pico /etc/default/postgrey)

Change POSTGREY_OPTS so that it read something like this:
POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=60"
The delay is specified in number of seconds. When you have changed the value, restart the daemon
/etc/init.d/postgrey restart