Integrating Postgrey into Postfix (Greylisting Filter)


In this article I'm going to show the simple integration of Postgrey into a postfix. The installation of postgrey is done like this:

apt-get install postgrey

Then you should (but it's not needed) customize a little bit its configuration file /etc/default/postgrey, which contains:

POSTGREY_OPTS="--inet=127.0.0.1:60000" #Postgrey uses the port 60000 locally
POSTGREY_TEXT="Greylisted" #This parameter is optional and contains the error message, that is displayed when an e-mail is detected as spam

The greylisting filter by default is working with a delay of 5 minutes. With the following option (in seconds) you can change this value for example to 2 minutes:

--delay=120

This option can be added to the POSTGREY_OPTS parameter (see above).

What you should know is that Postgrey contains a whitelist for clients and receivers:

/etc/postgrey/whitelist_clients
/etc/postgrey/whitelist_recipients

You can add some hosts in these files if necessary.

Now we're going to integrate Postgrey into Postfix. Therefore you have to edit the file /etc/postfix/main.cf, the line containing smtpd_recipient_restrictions. In this line you add:

check_policy_service inet:127.0.0.1:60000

This has to be added before the Permit keyword.

An example could look like this:

smtpd_recipient_restrictions =  permit_mynetworks, permit_sasl_authenticated,  reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unauth_destination, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:60000, reject_unauth_pipelining

The parameters have to be in one line, else Postfix will show some errors.

Now you have to restart the services and your greylisting filter should be working:
/etc/init.d/postgrey restart
/etc/init.d/postfix restart