Conditional greylisting (with postfix, policyd-weight and postgrey)

In case you think that greylisting might have some disadvantages but give you also some benefits, you probably have thought about to use greylisting with some conditions. For example if you checked some parameters of the mail and you (or better your mailsystem) guess it may be spam, greylisting could be very useful.
Until now, I was using plain policyd-weight. But mails with $REJECTLEVEL <= score <= $DEFER_LEVEL where in some conditions defered (see policyd-weight default) and if they come back with the same conditions, they will be defered twice. So it makes sense to me to greylist them and if they return within $DEFER_LEVEL, they will pass cause the greylist will allow them.
At first let's create a restriction class which we can call from policyd-weight within main.cf of postfix:

# restriction class for use with polw (DEFER_ACTION)
smtpd_restriction_classes = greylist
greylist = check_policy_service inet:127.0.0.1:60000

To call postgrey for $REJECTLEVEL <= score <= $DEFER_LEVEL you need to make use of the restriction class "greylist" and let $DEFER_STRING match all defer strings, to get them all greylisted:

# echo "\$DEFER_STRING   = 'NOT';" >> /etc/policyd-weight.conf
# echo "\$DEFER_ACTION   = 'rc:greylist';" >> /etc/policyd-weight.conf
# /etc/init.d/postgrey restart

Also you may have a look into The DNSBL countries.nerd.dk. This might be a way to score connections coming from well known spamming countries. But keep in mind, that there may also legitim mails coming from those! ;)

Show Comments