On Thu, 13 Aug 2009 12:40:47 -0500, Noel Jones <njo...@megan.vbhcs.org> wrote: > fmgre-list...@yahoo.fr wrote: >> Hello, >> >> >> We are reconfiguring our incoming mail server. >> It was working with greylisting enabled ; and we've just added the >> verify (reject_unverified_recipient) capacity. >> >> To avoid email address harvesting, we would like to keep on greylisting >> all incoming mail wheteher or not it may fail the >> reject_unverified_recipient test. >> >> According to the postfix documentation, smtpd_recipient_restrictions >> tests are verified in the order listed. >> >> But all i can achieve is : reject_unverified_recipient rejects mails >> before the grelisting is done. >> >> >> Here is our current settings : >> >> --- >> smtpd_recipient_restrictions = >> reject_unauth_destination,
reject_unlisted_recipient, >> check_policy_service inet:127.0.0.1:60000, >> check_recipient_access hash:/etc/postfix/recipient_access, silly >> reject_unverified_recipient, silly >> permit permit what ? >> >> > > Configure your greylisting service to return "DEFER" rather > than "DEFER_IF_PERMIT". See the docs for your policy service > for details of how to do this. > > Most greylisters use DEFER_IF_PERMIT to prevent deferring mail > that would be rejected by a later restriction. That way the > sending server knows to not try back later. would it not be worse ? -- Benny Pedersen
