postgrey question

Jorn Argelo jorn at wcborstel.nl
Wed Jun 1 14:16:54 PDT 2005 

Chad Leigh -- Shire.Net LLC wrote:

>
> On Jun 1, 2005, at 8:07 AM, Bart Silverstrim wrote:
>
>> I've been looking into ways of improving our spam filtering.   
>> Currently I'm running postfix with amavisd-new (spamassassin and  
>> clamav), and saw an article on greylisting using postgrey.  Turns  
>> out there's a port for it already in FreeBSD.
>
>
>
> I don't run postifx and the thing I am about to mention I have not  
> tried yet, but you may want to explore modifying your greylisting to  
> be based on spamassassin results.
>
> I use exim as the mta and there is a thing called sa-exim that lets  
> you run spamassassin at SMTP time so that you can reject mail if you  
> want before you actually are finished receiving it.  The author of sa- 
> exim has modified it to do greylisting based on spamassassing scores  
> generated at smtp time, so that you only greylist mail that is  
> thought to be spam and do not inconvenience your regular users.
>
> Can you do spamassassin at smtp time with postfix?


That's far too complicated. Postgrey does an excellent job.

I have installed postgrey yesterday, and it works really well. I didn't 
read all the emails regarding this subject, so my apologies if I only 
tell you things you've already heared. Basically it works like this:

You're recieving an e-mail on your mailserver. Postgrey checks if it's 
an e-mail address it has seen before (which it stores in a database). If 
he has, he passed it to amavis where it can be processed further. If it 
isn't a known e-mail address, it automatically blacklists the e-mail 
address for an x amount of seconds while sending the sending server a 
message that it's busy and that it should try again in x amount of 
seconds. Normal mailservers wait patiently for those x amount of seconds 
and try sending it again (except for hotmail, who tries to send it every 
30 seconds even if your server tells it to wait 90 seconds). Since 
Postgrey has it stored in the database, the email will be passed trough 
nicely.

The main advantage of this is that spammers and viruses have massive 
amount of email lists and just try to send it to as many people as 
possible. They are not going to wait and try to send the e-mail again, 
thus you effectively block many amount of spam and virus e-mail before 
it's even being processed by amavis / clamav / spamassasin, saving up 
system resources.

Configuration of this is really easy. Compile it from the ports, change 
flags in the rc.d script (See man page for more info) and put this in 
your main.cf. Note the space between sevice and inet.

smtpd_recipient_restrictions = check_policy_service 
inet:192.168.1.100:10023,reject_unauth_destination,permit

Start postgrey from the rc.d script and you're ready to go.

Cheers,

Jorn

>
> Chad
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list