Threaded Mode | Linear Mode

**rbtux** · 11-12-2007 12:13 AM

Hi there

this howto describes how to use greylisting within postfix only für unknow host or hostname that looks like they are coming out of dynamic ip ranges.

1. Install postfix pcre package

Quote:> apt-get install postfix-pcre

2. Create new file /etc/postfix/dynip.pcre
EDIT: Attention the long regex is one single line!!!

Quote:# everything with 4 or more dots/hyphens in the hostname
/(\-.+){4}$/ rc_greylisting
/(\..+){4}$/ rc_greylisting

# some well known dynamic patterns
/(^|[0-9.x_-])(abo|br(e|oa)dband|cabel|(hk)?cablep?|catv|cbl|cidr
|d?client2?|cust(omer)?s?|dhcp|dial?(in|up)?|d[iu]p|[asx]?dsld?|dyn(a(dsl|mic)?)?
|home|in-addr|modem(cable)?|(di)?pool|ppp|ptr|rev|user|YahooBB[0-9]{12}
|c[[:alnum:]]{6,}(\.[a-z]{3})?\.virtua|[1-9]Cust[0-9]+|AC[A-Z][0-9A-F]{5}\.ipt
|pcp[0-9]{6,}pcs|S0106[[:alnum:]]{12,}\.[a-z]{2})[0-9.x_-]/ rc_greylisting

# systems without a hostname
/^unknown$/ rc_greylisting

3. Change the main.cf

Add

Quote:smtpd_restriction_classes = rc_greylisting

rc_greylisting = check_policy_service inet:127.0.0.1:60000

Change in the smpd_recipient_restrictions:

Quote:check_policy_service inet:127.0.0.1:60000

to

Quote:check_client_access pcre:/etc/postfix/dynip.pcre

4. Thats it

~~gOOvER~~ · 11-17-2007 09:33 AM

How change this Code if i have 904 installed Smile

Code:

rc_greylisting = check_policy_service inet:127.0.0.1:60000

Have i change it to

Code:

rc_greylisting = check_policy_service inet:127.0.0.1:60000,

                      permit

????

**rbtux** · 11-17-2007 09:45 PM

no you don't have to do it...
the permit in the code doesn't do anything... it just increases the readability of the code...

**pgentoo** · 02-22-2009 04:10 AM

rbtux,

This is very interesting. How much extra spam do you see making it through when using this approach as to greylisting everything?

-
pGentoo

**rbtux** · 02-22-2009 04:19 AM

its hard to tell definitly... somewhere between 1-15%

this mails are then mostly filtered out by policyd-weight und spamassassin...

when I changed the settings the spam at the endusers was not increasing but the querys to the dns server (rbls...) seemed to have increased about 12%...

**pgentoo** · 02-22-2009 04:36 AM

how is server load in comparison to before?

I'm curious, because i've had several clients complain about missed emails. After looking into it, it turned out that the sending server never retried after getting greylisted. Sad

**rbtux** · 02-22-2009 04:40 AM

haven't changed...

**pgentoo** · 02-22-2009 04:46 AM

Ok, well once i get spamassassin running, i'll give it a try. Smile

fulltilt · 04-28-2009 09:26 PM

nice, works fine :-)
is it possible to include a blacklist with email or domain under regex?

**rbtux** · 04-28-2009 10:41 PM

of course ;-)

Threaded Mode \| Linear Mode [HowTo] Selective greylisting
Author	Message