Postgrey is a simple and powerful anti-spam tool for Postfix. It works by using a technique called Greylisting. Adding greylisting in Postfix will give your Postfix mail server a simple and effective first line of defense against spam, at a cost of a few minor delays for newly identified senders. To install Postgrey, we are going to use the precompiled binaries from Dag Wieers RPM packages for Red Hat, RHEL, CentOS and Fedora.

Adding RPMForge to Yum

Firefox RPMForge1. Launch Firefox and go to http://dag.wieers.com/rpm/FAQ.php#B2. Click on the package appropriate for your version of Red Hat Enterprise Linux or CentOS.
Firefox RPMForge Install2. Choose Open with Software Installer (default) and click Ok.
Installing RPMForge3. The Installing packages window will appear. Click Apply to proceed.
Installing RPMForge4. Finally click Ok. You now have access to an extensive library of precompiled binaries.

Installing Postgrey Greylisting Policy Server

If you are using Red Hat Enterprise Linux 4 or CentOS 4, you have an older version of the Package Manager tool. Instead of using the GUI tool below, you can use the command yum install postgrey in a Terminal window to install Postgrey.

Package Manager1. Click Applications then click Add/Remove Software. This will launch the Package Manager window.
Package Manager Search2. Click the Search tab. Next type in postgrey and click the Search button.
Package Manager Search3. Select the latest version of postgrey then click Apply. Next click on Continue until it proceeds with the installation.
Package Manager4. After installation, click Ok. You now have successfully installed Postgrey Postfix Greylisting Policy Server.

Configuring Postfix

Package Manager
1. Edit /etc/postfix/main.cf and add reject_unlisted_recipient and check_policy_service unix:postgrey/socket to the value of smtpd_recipient_restrictions.

check_policy_service unix:postgrey/socket performs the greylisting while adding reject_unlisted_recipient before it enables Postfix to immediately reject unknown recipients instead of having clients go through the greylisting process before being informed that the recipient does not exist.
Service Configuration2. Start Postgrey and restart Postfix or MailScanner (if you have installed MailScanner). Learn how to start and restart services here.
Terminal3. Test Postfix. Do not use localhost to connect to Postfix since localhost will bypass Postgrey. After typing in the rcpt to command, it should reply with Recipient address rejected: Greylisted and it should work if you try it again after at least five minutes.

Configuring the Whitelist in Postgrey

Whitelist enables you to disable greylisting for certain email accounts or client ip addresses or hostnames.

Postgrey1. To disable greylisting for certain email accounts, add their email address into the file /etc/postfix/postgrey_whitelist_recipients.
Postgrey
2. To disable greylisting for certain IP addresses or hostnames, add the IP address, hostname or regular expression to match hostnames into the file /etc/postfix/postgrey_whitelist_clients.local. Hostnames are identified by performing a reverse DNS on the client’s IP address. For sample entries, view the file /etc/postfix/postgrey_whitelist_clients.

NoteIf you liked the immense reduction in spam but cannot live with the delay, check out the Barracuda Anti Spam Firewall. It will give you even better spam and virus control without any penalty in time.

***
Posted on 1/3/2008 and last updated on 1/8/2008
Filed under Anti-spam/Anti-virus , Postfix

Share This