Debian: Postfix + PostGrey

Postgrey is a Postfix policy server implementing greylisting. When Postfix receives a request to deliver a mail via SMTP, the triplet CLIENT_IP / SENDER / RECIPIENT is built. If this is the first time the triplet has been seen, or if the triplet was first seen less than 5 minutes ago, the mail is rejected with a temporary error. Hopefully spammers and viruses will not try again later, although retrying is required per RFC.

 

First, make sure that postgrey is installed. On a Debian instance, you can do this with:

# apt install postgrey

Edit the configuration file /etc/default/postgrey to make sure that postgrey is listening on the proper address and port, with the settings you want:

# postgrey startup options, created for Debian

# you may want to set
#   --delay=N   how long to greylist, seconds (default: 300)
#   --max-age=N delete old entries after N days (default: 35)
# see also the postgrey(8) manpage

POSTGREY_OPTS="--inet=127.0.0.1:10023 --delay=60 --max-age=365"

Make sure that the postgrey service is enabled, and restart it:

# systemctl enable postgrey
# systemctl restart postgrey

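Edit the Postfix configuration file /etc/postfix/main.cf to make sure that mail passes through postgrey. In the following example, the check_policy_service line is the part that is required in the smtpd_recipient_restrictions section; its address and port must match the --inet value set in /etc/default/postgrey: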

smtpd_recipient_restrictions =
   permit_mynetworks,
   reject_unauth_destination,
   check_policy_service inet:127.0.0.1:10023,
   permit

Example output in the mail logs:

#
# postgrey greylisting a message:
#
Dec 17 21:23:49 jessie postfix/smtpd[6714]: connect from mk-outboundfilter-4-a-1.mail.uk.tiscali.com[212.74.114.8]
Dec 17 21:23:49 jessie postfix/smtpd[6714]: NOQUEUE: reject: RCPT from mk-outboundfilter-4-a-1.mail.uk.tiscali.com[212.74.114.8]:
        450 4.2.0 <ned@example.com>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.com.html;
        from=<bob@example.com> to=<ned@example.com> proto=ESMTP helo=
Dec 17 21:23:54 jessie postfix/smtpd[6714]: disconnect from mk-outboundfilter-4-a-1.mail.uk.tiscali.com[212.74.114.8]
#
# postgrey accepting a message:
#
Dec 17 22:23:45 jessie postgrey[2218]: action=pass, reason=triplet found, client_name=mk-outboundfilter-3-a-1.mail.uk.tiscali.com,
        client_address=212.74.114.7, sender=bob@example.com, recipient=ned@example.com
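
An added example (not part of the original post) that parses mail log lines in the format shown above and lists the triplets that were greylisted but never passed. The sample log lines are constructed, and grouping client IPs by /24 (/64 for IPv6) is this example's assumption, so that a retry from a neighbouring pool address, as in the log sample above, counts as the same sender.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample log (one syslog record per line), modelled on the format above.
SAMPLE_LOG = """\
Dec 17 21:23:49 jessie postfix/smtpd[6714]: NOQUEUE: reject: RCPT from mail-a.example.net[192.0.2.8]: 450 4.2.0 <ned@example.com>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.com.html; from=<bob@example.net> to=<ned@example.com> proto=ESMTP helo=<mail-a.example.net>
Dec 17 21:40:02 jessie postfix/smtpd[6790]: NOQUEUE: reject: RCPT from unknown[198.51.100.23]: 450 4.2.0 <ned@example.com>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.com.html; from=<promo@example.org> to=<ned@example.com> proto=ESMTP helo=<localhost>
Dec 17 22:23:45 jessie postgrey[2218]: action=pass, reason=triplet found, client_name=mail-b.example.net, client_address=192.0.2.7, sender=bob@example.net, recipient=ned@example.com
"""

# Postfix smtpd line for a temporary (450) greylisting rejection.
REJECT = re.compile(
    r"reject: RCPT from \S+\[(?P<ip>[0-9a-fA-F.:]+)\]: 450 .*Greylisted"
    r".*? from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)
# postgrey line logged when a known triplet is let through.
PASS = re.compile(
    r"postgrey\[\d+\]: action=pass, .*client_address=(?P<ip>[^,\s]+), "
    r"sender=(?P<sender>[^,\s]*), recipient=(?P<rcpt>[^,\s]+)"
)

def triplet(ip, sender, rcpt):
    """Build the CLIENT_IP / SENDER / RECIPIENT key, with the IP reduced to its subnet."""
    prefix = 24 if ip_address(ip).version == 4 else 64  # assumption of this example
    net = ip_network(f"{ip}/{prefix}", strict=False)
    return (str(net.network_address), sender.lower(), rcpt.lower())

def summarize(log_text):
    """Count greylist deferrals and passes per triplet."""
    stats = defaultdict(lambda: {"deferred": 0, "passed": 0})
    for line in log_text.splitlines():
        for pattern, field in ((REJECT, "deferred"), (PASS, "passed")):
            m = pattern.search(line)
            if m:
                stats[triplet(m["ip"], m["sender"], m["rcpt"])][field] += 1
    return dict(stats)

def never_retried(stats):
    """Triplets that were deferred and for which no later pass was logged."""
    return sorted(t for t, c in stats.items() if c["deferred"] and not c["passed"])

if __name__ == "__main__":
    for t in never_retried(summarize(SAMPLE_LOG)):
        print("deferred, no retry seen:", *t)
```

A legitimate sender that appears in the never-retried list over several days is a candidate for a whitelist entry rather than evidence of spam.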