postgrey question

Bart Silverstrim bsilver at chrononomicon.com
Thu Jun 2 04:52:31 PDT 2005


On Jun 1, 2005, at 5:25 PM, Chad Leigh -- Shire.Net LLC wrote:

>
> On Jun 1, 2005, at 3:16 PM, Jorn Argelo wrote:
>
>> Chad Leigh -- Shire.Net LLC wrote:
>>
>>
>>>
>>> On Jun 1, 2005, at 8:07 AM, Bart Silverstrim wrote:
>>>
>>>
>>>> I've been looking into ways of improving our spam filtering.   
>>>> Currently I'm running postfix with amavisd-new (spamassassin and  
>>>> clamav), and saw an article on greylisting using postgrey.  Turns  
>>>> out there's a port for it already in FreeBSD.
>>>>
>>>
>>>
>>>
>>> I don't run postifx and the thing I am about to mention I have not  
>>> tried yet, but you may want to explore modifying your greylisting to 
>>>  be based on spamassassin results.
>>>
>>> I use exim as the mta and there is a thing called sa-exim that lets  
>>> you run spamassassin at SMTP time so that you can reject mail if you 
>>>  want before you actually are finished receiving it.  The author of 
>>> sa- exim has modified it to do greylisting based on spamassassing 
>>> scores  generated at smtp time, so that you only greylist mail that 
>>> is  thought to be spam and do not inconvenience your regular users.
>>>
>>> Can you do spamassassin at smtp time with postfix?
>>>
>>
>>
>> That's far too complicated. Postgrey does an excellent job.
>
> Yes, normal greylisting works for some people, but in general, it is 
> not seconds, but minutes (I don't believe that your server tells it 
> how long to wait, but rather in general greylisting it returns a 4xx 
> temporary failure error and the sending mail server will automatically 
> retry within its own retry rules) and lots of people do not like to 
> have their good mail greylisted at all as it can delay good mail for 
> minutes or longer, so the one I described above is a modification on 
> greylisting that allows it to only greylist possible spam and not all 
> mail.

If I understand the postgrey docs correctly, there is a mechanism where 
it'll automatically whitelist common IPs from which mail is accepted, 
so the greylisting is more of an adaptation period.  But I could be 
mistaken and confusing it with another greylist system...



More information about the freebsd-questions mailing list