postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: reverse greylist

Re: reverse greylist

From: Michael Orlitzky <michael_at_nospam>
Date: Wed Oct 13 2010 - 23:11:19 GMT
To: postfix-users@postfix.org

On 10/13/2010 05:53 PM, Dan Lannom wrote:
> At many Universities there is a continual problem with accounts being
> phished and used to send spam. We have a number of measures that
> catch stolen accounts but they take a little bit of time to block
> outgoing email.
>
> Ideally I'd like to hold email to either a new address or a new
> address,sender,sender ip triplet like greylisting uses. Even holding
> for a minute would give us enough time to lock the account and remove
> all incentives to phish our accounts (I hope).
>
> Is anyone aware of of a greylisting type policy server that can use
> a specific header, containing the sender ip, or one that just uses
> the destination address?

You could modify Postgrey to return HOLD instead of DEFER_IF_PERMIT.
Then, subject your submission service to the modified Postgrey.

Held messages can be released with a cron job.

(You may want to test that the auto-whitelist still works properly under
this scheme.)