Gentoo Archives: gentoo-user

From: thegeezer <thegeezer@×××××××××.net>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Trying to debug postgrey
Date: Fri, 24 Oct 2014 20:27:00
In Reply to: Re: [gentoo-user] Trying to debug postgrey by Michael Orlitzky
1 On 24/10/14 15:37, Michael Orlitzky wrote:
2 > On 10/22/2014 01:12 AM, Ajai Khattri wrote:
3 >> Ive been running postgrey for years without any problems but today I
4 >> noticed I hadn't gotten email for awhile and realized upon investigation
5 >> that postgrey wasnt running so postfix was rejecting mail.
6 > For what it's worth, recent versions of postfix ship with a
7 > pre-screening daemon called postscreen. It has a suite of tests that
8 > work after the initial greeting, and thus have the "negative" side
9 > effect that the client must be disconnected (temporarily) if it passes:
10 >
11 >
12 >
13 > The main limitation of "after 220 greeting" tests is that a new
14 > client must disconnect after passing these tests (reason: postscreen
15 > is not a proxy). Then the client must reconnect from the same IP
16 > address before it can deliver mail.
17 >
18 > In other words, it greylists them. So if you're already running a
19 > separate greylisting daemon, it's safe for you to enable postscreen and
20 > turn on the "deep protocol tests" (see the README). That way you get
21 > postscreen's benefit for free and don't need to worry about running a
22 > separate greylisting daemon any more.
23 >
24 >
25 very good, after looking up postscreen i went through a phase of wow,
26 how did i miss this, and then even went so far to check when all this
27 came about (2011 it seems)
28 definitely a good one to know about, for the greylisting and for the
29 other tests too.
30 one to investigate more, thanks for the tip !