postfix-users October 2010 archive

Re: SMTP relay and greylisting

From: Noel Jones <njones_at_nospam>
Date: Tue Oct 26 2010 - 12:41:07 GMT
To: postfix-users@postfix.org

On 10/25/2010 9:38 PM, utahnix wrote:
> Hello all,
>
> This question has probably been asked on this list before, but
> maybe not quite with these circumstances. I'm hoping one of
> you can give me some direction.
>
> I've got a fairly typical Postfix setup... Postfix, Cyrus
> IMAP, ClamAV, SpamAssassin... all on Linux.
>
> Anyway, I've set up greylisting with Postgrey to help cut down
> on the junk mail that I get. I've set it up with default
> values (deferral of 300 seconds, etc). Well all seems good and
> fair except some of my regular senders can't seem to get their
> email through. I've checked my server logs and I don't even
> see their email address mentioned (it doesn't appear to even
> reach my machine). Several of the emails in question are Yahoo
> or Gmail. What's odd is that I have both a Yahoo account and a
> Gmail account, and I can send myself mail with no problems.

"Well known" mail servers shouldn't be subjected to
greylisting; it unnecessarily delays mail that will always
pass later.

>
> I disabled Postgrey temporarily and had these senders re-send
> test messages from their addresses, and it worked (I got their
> messages). So something was certainly hanging things up. I
> just wish I knew what that was.

If postgrey and/or postfix didn't log deferring their mail,
then the problem was elsewhere.

> This got me thinking... my ISP requires that I forward all
> outbound email through their SMTP server. Because their mail
> server (the SMTP relay I'm required to relay mail to) has
> suddenly been added to various RBLs for repeated "deferrals",
> is it possible that my greylisting is what is getting them on
> those RBLs?

I've never heard of a server being blacklisted for deferrals.
That's crazy talk.

At any rate, they wouldn't be blacklisted for your greylisting.

If you're sending tons of non-delivery notices out through
your ISP, that's another matter. That could get them
blacklisted as a backscatterer, and if they're paying
attention, your service disconnected.

> The Postgrey does cut down on the spam significantly,
> particularly when used in conjunction with SpamAssassin and
> RBLs like SpamCop and SpamHaus. I'd like to keep Postgrey if I
> can, assuming that my delivery problems are not directly
> associated with Postgrey... but if my circumstances with my
> ISP won't allow me to greylist, then disabling Postgrey might
> save me a headache.
>
> I guess I'm looking for some advice as to whether Postgrey
> could cause problems with my ISP (they run Exim on FreeBSD and
> firewall outgoing tcp port 25 everywhere but on their one mail
> server, but I don't know much more than that), or if there are
> some settings I should change to improve my greylisting setup.

You have no evidence that postgrey is the problem. With the
evidence you do have -- nothing in the logs -- it seems quite
unlikely postgrey is the problem.

>
> And just to clarify, port 25 is only blocked on the outbound.
> Inbound email comes straight to my mail system, which is only
> composed of one machine.
>
> Advice is very appreciated!
>

You need to look further. Make sure you're not a backscatter
source; don't accept mail you can't deliver to the intended
recipient. It's pretty common for servers to be blacklisted
as a backscatterer.

    -- Noel Jones
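
An added example, not part of the reply or the original post: a Python script for the two log checks the reply points to, namely whether Postfix logged a greylist deferral for a given sender, and whether this host is sending non-delivery notices out through the relay. The log lines are constructed samples in the usual Postfix syslog layout; host names, addresses and queue IDs are made up.

```python
import re
from collections import Counter

# Constructed sample lines (not taken from the thread).
SAMPLE_LOG = """\
Oct 26 12:00:01 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from mail.example.com[192.0.2.10]: 450 4.2.0 <bob@example.org>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.org.html; from=<alice@example.com> to=<bob@example.org> proto=ESMTP helo=<mail.example.com>
Oct 26 12:06:30 mx postfix/smtpd[2140]: 4A1B2C3D4E: client=mail.example.com[192.0.2.10]
Oct 26 12:07:02 mx postfix/smtpd[2150]: 5F6A7B8C9D: client=unknown[198.51.100.7]
Oct 26 12:07:03 mx postfix/bounce[2155]: 5F6A7B8C9D: sender non-delivery notification: 6E7F8A9B0C
Oct 26 12:07:03 mx postfix/qmgr[900]: 6E7F8A9B0C: from=<>, size=2301, nrcpt=1 (queue active)
Oct 26 12:07:05 mx postfix/smtp[2160]: 6E7F8A9B0C: to=<forged@example.net>, relay=smtp.isp.example[203.0.113.25]:25, delay=2, status=sent (250 OK)
"""

GREYLISTED = re.compile(
    r"reject: RCPT from \S+\[([^\]]+)\]: 450 .*Greylisted.*? from=<([^>]*)>")
BOUNCE = re.compile(
    r"postfix/bounce\[\d+\]: (\w+): sender non-delivery notification: (\w+)")
DELIVERY = re.compile(
    r"postfix/smtp\[\d+\]: (\w+): to=<([^>]*)>, relay=([^,]+),.* status=(\w+)")

def greylist_deferrals(log, sender=None):
    """Count greylist deferrals per (client IP, envelope sender).
    An empty result for a sender means greylisting never saw their mail."""
    hits = Counter()
    for line in log.splitlines():
        m = GREYLISTED.search(line)
        if m and (sender is None or m.group(2).lower() == sender.lower()):
            hits[(m.group(1), m.group(2))] += 1
    return hits

def outbound_bounces(log):
    """Return (recipient, relay) for each bounce this host generated and
    then delivered off-host; many of these suggest backscatter."""
    bounce_ids, sent = set(), []
    for line in log.splitlines():
        m = BOUNCE.search(line)
        if m:
            bounce_ids.add(m.group(2))  # queue ID of the new bounce message
            continue
        m = DELIVERY.search(line)
        if m and m.group(1) in bounce_ids and m.group(4) == "sent":
            sent.append((m.group(2), m.group(3)))
    return sent

if __name__ == "__main__":
    print(greylist_deferrals(SAMPLE_LOG))
    print(outbound_bounces(SAMPLE_LOG))
```

To run it against a real log, pass the file's contents in place of `SAMPLE_LOG`; the location of the mail log depends on the distribution.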