| 1 |
On 10/22/2014 01:12 AM, Ajai Khattri wrote: |
| 2 |
> |
| 3 |
> Ive been running postgrey for years without any problems but today I |
| 4 |
> noticed I hadn't gotten email for awhile and realized upon investigation |
| 5 |
> that postgrey wasnt running so postfix was rejecting mail. |
| 6 |
|
| 7 |
For what it's worth, recent versions of postfix ship with a |
| 8 |
pre-screening daemon called postscreen. It has a suite of tests that |
| 9 |
work after the initial greeting, and thus have the "negative" side |
| 10 |
effect that the client must be disconnected (temporarily) if it passes: |
| 11 |
|
| 12 |
http://www.postfix.org/POSTSCREEN_README.html#after_220 |
| 13 |
|
| 14 |
The main limitation of "after 220 greeting" tests is that a new |
| 15 |
client must disconnect after passing these tests (reason: postscreen |
| 16 |
is not a proxy). Then the client must reconnect from the same IP |
| 17 |
address before it can deliver mail. |
| 18 |
|
| 19 |
In other words, it greylists them. So if you're already running a |
| 20 |
separate greylisting daemon, it's safe for you to enable postscreen and |
| 21 |
turn on the "deep protocol tests" (see the README). That way you get |
| 22 |
postscreen's benefit for free and don't need to worry about running a |
| 23 |
separate greylisting daemon any more. |
Archives