Postgrey Not Working
Hi,
I have a working installation of Postfix and Dovecot that works nicely. I’ve added SpamAssassin, which does a good job of flagging spam. Now I
wanted to add greylisting to my server.
Here’s what I did.
$ sudo yum install postgrey
Increase the greylisting delay.
# /etc/sysconfig/postgrey POSTGREY_OPTS=”–delay=300″
Edit /etc/postfix/main.cf accordingly.
smtpd_recipient_restrictions =
permit_mynetworks,
permit_auth_destination,
permit_sasl_authenticated,
check_policy_service unix:/var/spool/postfix/postgrey/socket,
reject
Start/restart services.
$ sudo systemctl enable postgrey
$ sudo systemctl start postgrey
$ sudo systemctl restart postfix
Now Postgrey seems to be running OK.
$ systemctl status postgrey
● postgrey.service – Postfix Greylisting Service
Loaded: loaded (/usr/lib/systemd/system/postgrey.service; enabled;
vendor preset: disabled)
Active: active (running) since mer. 2019-06-19 09:39:04 CEST; 19min ago
Docs: man:postgrey(8)
Process: 5228 ExecStart=/usr/sbin/postgrey
–unix=/var/spool/postfix/postgrey/socket
–pidfile=/var/run/postgrey.pid –group=postgrey –user=postgrey
–greylist-text=Greylisted for %%s seconds –daemonize $POSTGREY_OPTS
(code=exited, status=0/SUCCESS)
Process: 5225 ExecStartPre=/bin/rm -f /var/run/postgrey.pid
(code=exited, status=0/SUCCESS)
Main PID: 5229 (/usr/sbin/postg)
CGroup: /system.slice/postgrey.service
└─5229 /usr/sbin/postgrey
–unix=/var/spool/postfix/postgrey/socket –pidfile=/var/run/p…
juin 19 09:39:03 sd-100246 systemd[1]: Starting Postfix Greylisting Service… juin 19 09:39:04 sd-100246 postgrey[5229]: Process Backgrounded juin 19 09:39:04 sd-100246 postgrey[5229]: 2019/06/19-09:39:04 postgrey
(type Net::Server::Multi…29)
juin 19 09:39:04 sd-100246 postgrey[5229]: Binding to UNIX socket file
“/var/spool/postfix/postg…et”
juin 19 09:39:04 sd-100246 postgrey[5229]: Setting gid to “238 238”
juin 19 09:39:04 sd-100246 systemd[1]: Started Postfix Greylisting Service. juin 19 09:39:04 sd-100246 postgrey[5229]: Setting uid to “994”
The only problem is that there’s no greylisting. I tried to send mails from various mail servers to this machine. Everything gets delivered immediately, and there’s no greylisting action in /var/log/maillog.
Any suggestions?
Niki
—
Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
Mob. : 06 51 80 12 12
9 thoughts on - Postgrey Not Working
Did you include this line:
postgrey unix – n n – –
/var/spool/postfix/postgrey/socket
in your /etc/postix/master.cf file?
—
Mike Burger http://www.bubbanfriends.org
“It’s always suicide-mission this, save-the-planet that. No one ever just stops by to say ‘hi’ anymore.” –Colonel Jack O’Neill, SG1
Le 19/06/2019 à 16:38, Mike Burger a écrit :
No, but I tried to follow your suggestion, and still no luck.
—
Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
Mob. : 06 51 80 12 12
Try following the Postgrey guide on the Wiki:
https://wiki.CentOS.org/HowTos/postgrey#head-314ceecc5ece27e0f0a4bf1abcd8ee9356cd1a5e
Works for me (allowing for the switch to systemd)
Le 19/06/2019 à 22:05, Phil Perry a écrit :
I’ve followed this document, and still no joy.
Niki
—
Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
Mob. : 06 51 80 12 12
Am 20.06.2019 um 09:39 schrieb Nicolas Kovacs:
What is being logged when a message passes your MTA inbound? The answer to your issue is within the maillog.
Alexander
Le 20/06/2019 à 11:28, Alexander Dalloz a écrit :
According to maillog, the message is delivered instantly, exactly like on a normal configuration without Postgrey.
—
Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
Mob. : 06 51 80 12 12
Am 20.06.2019 um 11:35 schrieb Nicolas Kovacs:
Let me get my question more precise: do you see postgrey acting in your maillog? if not you have not configured postfix properly.
Alexander
Postgrey is installed, there’s a whole stack of whitelisted sites in
/etc/postfix/postgrey_whitelist_clients, you should clear these, restart Postgrey and check logs with
cat /var/log/maillog | grep postgrey
Hope this helps
So you fixed the following from your original post as per the Postfix guide?
# /etc/sysconfig/postgrey
– POSTGREY_OPTS=”–delay=300″
+ POSTGREY_OPTS=”–unix=/var/spool/postfix/postgrey/socket –delay=300″
Edit /etc/postfix/main.cf accordingly.
smtpd_recipient_restrictions =
permit_mynetworks,
permit_auth_destination,
permit_sasl_authenticated,
– check_policy_service unix:/var/spool/postfix/postgrey/socket,
+ check_policy_service unix:postgrey/socket,
reject
Also, by placing permit_auth_destination before your check_policy_service entry, you are allowing all mail that is addressed to $mydestination, $virtual_alias_domains or $relay_domains to pass so pretty much everything is being accepted at that point if it’s valid mail for your server. That would explain why nothing ever reaches the postgrey service, as you’ve already explicitly allowed it beforehand.
See the Wiki guide on Postfix restrictions for a more normal construction of SMTPd_recipient_restrictions:
https://wiki.CentOS.org/HowTos/postfix_restrictions
Phil