Postfix Greylisting is a spam reduction technique.

This method temporarily rejects the emails and avoids spam emails entering the inbox. Also, it provides an option to whitelist important users to receive their emails without any delay.

At Bobcares, we receive requests to configure greylisting in postfix as a part of our Server Management Services.

Today, we shall discuss how our Support Engineers configure greylisting service for the Postfix mail server.

What is Postfix Greylisting?

The basic idea behind greylisting is delaying the emails for filtering the spam emails entering the inbox.

Here, only the first mail from an unknown client will be delayed.

So, when a legitimate sender sends an email, he will retry to send the same email again. But a spammer will not resend after a failed SMTP session.

Hence, this greylisting method is used in the Postfix mail server. This will improve mail server security by avoiding more spam emails.

Installation and Configuration of Postfix greylisting in Ubuntu

The easiest way to implement this technique is to install a postgrey. Also, the installation is really easy and effective.

Let’s take a brief look into how our Support Engineers install and configure postgrey in the Postfix mail server.

Installation of Postgrey

Our Support Engineers run the below command to install postgrey in the server.

sudo apt-get install postgrey

Configuring Postgrey

Postgrey runs on 127.0.0.1:10023 by default. It is bound to the loopback interface (127.0.0.1) on port 10023. Therefore, postgrey service is not accessible from the outside.

To set the delay time we edit /etc/default/postgrey and modify the POSTGREY_OPTS line. Here, we are greylisting the sending server for 60 seconds. However, the default value is 300 seconds.

If a retry is done after 60 seconds then the sender will automatically become whitelisted. The default time period for whitelisting a sender is 35 days. However, we can change it using the –max-age option.

POSTGREY_OPTS="--inet=127.0.0.1:10023 --delay=60 --max-age=10"

Then, we save and close the file. Finally, we restart Postgrey using the command:

systemctl reload postgrey

Configuring Postfix

Now, we need to tell postfix to use postgrey policy server.

And it all happens in /etc/postfix/main.cf. So we open this configuration file and add the below within smtpd_receipient_restrictions

check_policy_service inet:127.0.0.1:10023

So finally it looks like:

Now, we have a working greylisting on the Postfix mail server. And we can see the below in mail log at /var/log/mail.log 

Nov 7 16:00:57 mailserver postfix/smtpd[12524]: NOQUEUE: reject: RCPT from mail.server.com[1.2.3.4]: 450 4.2.0 <xxxx@domain.com>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/somedomain.com.html; from=<bounce-xxx@anotherdomain.com> proto=ESMTP helo= 

Postgrey also writes its own log entries at /var/log/mail.log. We can find more information from the log.

Whitelisting Postfix greylisting in Ubuntu

Normally, everyone has a few recipients whom we don’t want to blacklist or make any delay in receiving their emails. In such cases, we can whitelist those recipients priorly.

Generally, ubuntu has a file /etc/postgrey/whitelist_clients where we can find a list of recipients who are whitelisted by default. These are few well-known email providers whose servers are known to transfer legitimate emails.

However, we can add our own list of the domain in the white_client file.  We can do it by creating a file /etc/postgrey/whitelist_clients.local and enter the domain per line.

To apply the changes we reload postgrey using the command:

systemctl reload postgrey

[Need any assistance with Postfix Greylisting? – We’ll help you]

Conclusion

In short, the Postfix greylisting helps in keeping the mail server free from spam emails. Today, we saw how our Support Engineers implement the greylisting technique in Postfix Mail Server.