Re: What is GreyListing (was: Re: Christian Hammers...)
On Tue, 20 Jul 2004 22:48, Christian Hammers <ch@lathspell.de> wrote:
> On 2004-07-20 Russell Coker wrote:
> > (host mail3av.westend.com[212.117.79.67] said: 450 <ch@lathspell.de>:
> > Recipient address rejected: Greylisted for 300 seconds... (in reply to >
> > RCPT TO command)) ch@lathspell.de
> >
> > Christian's mail server is broken.
>
> Err, no. It's not a bug it's a feature :-) Called "greylisting".
>
> In opposide to normal black- and white-listing here postfix has an
> additional policy daemon that checks if the tripel "sending ip, from, to"
> is already in the database and if not, reply with a 450 aka "temporary(!)
> failure" code and take note of it. If it's a real mailserver and not a
> trojan-winXP-desktop then it will try it again in a couple of minutes. If
> it does the above tripel will be whitelisted for the next
> days/month/whatever.
OK, that makes a lot of sense! Sorry for mistakenly claiming that your mail
server was broken.
I'm just looking at implementing that on my Postfix server now. For reference
of other interested people the postfix-doc package has documentation on this
(see the following URL if you have postfix-doc installed locally):
file:/usr/share/doc/postfix/html/SMTPD_POLICY_README.html#greylist
Hmm, the postgrey package is not available for woody (no great surprise I
guess), I'll have to back-port it.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: