postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: Greylisting after header check

Re: Greylisting after header check

From: Stan Hoeppner <stan_at_nospam>
Date: Wed Oct 27 2010 - 23:46:34 GMT

Неворотин Вадим put forth on 10/27/2010 10:51 AM:
> I can't add clients to whitelist because I don't know their addresses. One
> of our manager call to client with phone and say him email address. And in
> this case manager should receive a letter without greylisting, so in fact I
> need some method to pass greylisting, which manager could describe to
> client. The simplest way for manager and client is to add to mail subject
> some digital code, but I can't understand how to configure Postfix to
> support this method.

Will all these clients be sending to the same email address
@yourcompany.tld upon this initial contact? If so, simply whitelist the
recipient address. There are many ways to skin this cat. The key is
that any anti-spam measures should always be 100% transparent to
senders. I.e. they shouldn't have to add something to the subject line
just to get their email through your server, or jump through any other

I use Postgrey here, and the most I've ever had to wait on greylist
delay after signing up for a new mailing list or placing an order with a
new company was a few minutes. If you can't whitelist in one form or
another, and a few minutes delay is too long for you, then you shouldn't
be using greylisting at all, as it's not a good fit for your needs.

-- Stan > 2010/10/27 Stan Hoeppner <> > >> >> Greylisting has but one purpose: stopping spam bots (zombies) >> >> Are these new clients sending emails to you from zombies? No, of course >> not. So simply whitelist their addresses or IPs in your greylist daemon >> setup (not in Postfix). This is trivial to do with Postgrey, though I >> don't know about other daemons. >> >> Whitelisting in your greylist software is not the same as whitelisting >> in Postfix. It only allows clients to bypass the greylisting step. Any >> real MTA will retry, so if you _know_ it's a real MTA, which in this >> case you do, whitelist it in your greylist config. >> >> -- >> Stan >> >