Grant wrote:
Greylisting because it doesn't filter anything it merely delays
email with a temp 450 error. Real emails retry after an interval
and spam does not so it eliminates about 90-95%. Couple with
reasonable Postfix checks like making sure the sender domain
exists, etc and a mail client with internal filtering. With the
above in place I see maybe 1-2 actual spams in my inbox a week and
averaging about eight a day in my spam folder.
Postgrey is in portage and it'll take you about almost two full
minutes to get setup and working. I suggest making the the greylist
time 30 seconds and the whitelist time 32 days.
kashani
That sounds really nice. Would you say sending back a 450 error is
100% reliable? Which config option makes postfix check to see if the
sender domain exists. I can't find it in /etc/postfix/main.cf.
Nothing is 100% reliable and greylisting is no different. Somewhere
someone is running a mail server that retries every 4 hours instead of
the usual 5 minutes, 15 minutes, 60 minutes that most servers do. Mail
that shows up in 4-8 hours may be no different that if you have dropped
the mail in the first place. Additionally some things like Amazon
newsletters do not retry at all so you'd have to white-list them. And
I've seen two instances where email originates from a different server
each time it retires... which makes no sense at any level and seems
incredibly in efficient.
I'd keep an eye on things the first month you run it, but generally I
have had very few issues over the past two years.
You want to look at smptd_recipient_restrictions. I like the following,
but I would not blindly use them unless you are sure it's the behavior
you really want.
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
check_policy_service inet:127.0.0.1:10030,
reject_unauth_destination,
permit
kashani
--
[email protected] mailing list
