Greylisting
From Linuxintro
Revision as of 17:50, 3 March 2013 by imported>ThorstenStaerk (rating no longer possible, text feedback replaced by faceBook feedBack)
There are different tools for greylisting.
Postgrey
Postgrey is greylisting software for the postfix MTA.
How to get it
Download postgrey from http://postgrey.schweikert.ch/
How to set it up
- Extract your postgrey package, e.g.:
tar xvzf postgrey-1.32.tar.gz
- install some needed packages
yast -i perl-BerkeleyDB
- Copy postgrey_whitelist_clients to /etc/postfix/
- Copy postgrey_whitelist_recipients to /etc/postfix/
- Add a user named postgrey:
useradd -m postgrey
- Add a directory for the lock file:
mkdir /var/spool/postfix/postgrey chmod 777 /var/spool/postfix/postgrey
- start postgrey
./postgrey --inet 127.0.0.1:60000
If you get an error, see TroubleShooting.
- make sure postgrey is listening on port 60000:
$ nmap localhost -p59998-60002 Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-08-10 07:44 CEST Interesting ports on lvps87-230-12-146.dedicated.hosteurope.de (127.0.0.1): PORT STATE SERVICE 59998/tcp closed unknown 59999/tcp closed unknown 60000/tcp open unknown 60001/tcp closed unknown 60002/tcp closed unknown Nmap finished: 1 IP address (1 host up) scanned in 0.049 seconds
- Make sure there is a line like this in /etc/postfix/main.cf:
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:60000
- restart postfix
/etc/init.d/postfix restart
TroubleShooting
Symptome: When starting postgrey, you get an error message
Can't locate Net/Server.pm in @INC
Reason: Your perl is installed, but missing Net::Server
Solution: Install Net::Server via cpan:
perl -mCPAN -e CPAN::Shell
If you have never run CPAN before, you have to answer 25 questions now. Then issue:
install Net::Server
See also
http://www.debuntu.org/postfix-and-postgrey-a-proactive-approach-to-spam-filtering
