CentOS 6.4 Email Gateway (Part 5)

Now we are going to install and configure our greylisting system. We are going to be using Postgrey, but there are numerous ones out there to choose from, I just find Postgrey simple to configure and manage.

Greylisting I believe, will prevent more spam than any other anti-spam measure. It works on the simple principle where it temporarily rejects new mail with error 450 "try again later" for a nominated period of time (between 1 and 5 minutes) and will log the triplet CLIENT_IP / SENDER / RECIPIENT in it's database. Let's begin by opening Putty and typing in:

yum install postgrey
chkconfig postgrey on
service postgrey start

Now we need to edit the /etc/postfix/main.cf file:

Find:

smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination

Change to:

smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_policy_service unix:postgrey/socket, permit

Coutesy of the CentOS wiki: By default, the amount of time by which Postgrey will reject new messages is set to 5 minutes but we can change this using the --delay switch. There is a trade off in that the longer the time the more chance of rejecting spam but also the longer legitimate mail will be delayed for the first time.

It might be worth initially setting this value to 1 minute (60 seconds) and subsequently increasing the value once Postgrey has built a database of regular mail contacts for your server. Setting your delay to values larger than 300 Seconds ( 5 Minutes ) is really not recommended. To manually set the delay (in seconds), we need to create the Postgrey configuration file at /etc/sysconfig/postgrey and append the --delay switch as shown below:

OPTIONS="--unix=/var/spool/postfix/postgrey/socket --delay=60"

We need to restart the postgrey system for the changes to take effect:

service postgrey restart

You've completed the Postgrey installation and configuration...

Go to Part 6

No Comments Yet.

Leave a comment


Sign up to our newsletter where you’ll receive notices on when we post new articles and helpful “how tos” to make your IT life easier.