knowledgebase/linux/mail/greylisting with postgrey Greylisting has proven to be a pretty effective method for reducing the amount of spam you receive. It works by temporarily rejecting emails. Valid email servers will then retry delivery, and be allowed through while spammers will (hopefully) give up. See http://www.greylisting.org/ for more info. The postgrey application at http://postgrey.schweikert.ch/ provides a simple way to implement greylisting for postfix mail servers. Debian and Ubuntu have the package available in the main repositories. On CentOS/RHEL based distros, you will need to enable the rpmforge repository per http://bliki.rimuhosting.com/space/retep/extra+packages+for+rhel4+and+centos5 Then just install postgrey with apt {code:none} apt-get install postgrey {code} Configure postgrey to start at boot: Debian/Ubuntu: {code:none} update-rc.d postgrey defaults {code} CentOS/RHEL: {code:none} chkconfig postgrey on {code} And tell it to start up (any distro): {code:none} /etc/init.d/postgrey start {code} Now, tell postfix to use it: Debian/Ubuntu: The package listens on localhost:60000 by default, so edit /etc/postfix/main.cf, and add 'check_policy_service inet:127.0.0.1:60000' to smtpd_recipient_restrictions. Make sure to add it after permit_sasl_authenticated so you don't greylist authenticated users. Like this: {code:none} smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:60000 {code} CentOS/RHEL: This package listens on a unix socket by default, so edit /etc/postfix/main.cf and add 'check_policy_service unix:/var/spool/postfix/postgrey/socket' to 'smtpd_recipient_restrictions. Again, make sure to add it after permit_sasl_authenticated so as not to greylist yourself. Example: {code:none} smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service unix:/var/spool/postfix/postgrey/socket {code} 2008-04-08 22:17:25.0 2007-08-02 17:39:44.0