Hi Simon,
more of a workaround than a solution, but you might give it a try:
disable greylisting in policyd and use a separate tool.
I personally use
https://github.com/felix/gross
which combines greylisting and blacklists in a way that combines their
strengths while avoiding their weaknesses
(i.e., it avoids excessive greylisting by only greylisting suspicious
clients, and it doesn't unconditionally block what's in a RBL either ;-)
)
Configuration then simply looks like this:
smtpd_recipient_restrictions =
permit_mynetworks,
[...]
# policyd:
check_policy_service inet:127.0.0.1:10031 ,
permit_sasl_authenticated,
[...]
# grossd:
check_policy_service inet:127.0.0.1:5525 ,
permit
smtpd_end_of_data_restrictions =
# policyd:
check_policy_service inet:127.0.0.1:10031 ,
permit
This is working fine with postsrs.
Cheers
Chris
Given that so many of the big names seem to be completely wedded to
the abomination that is SPF and all the valid things it breaks, seems
like I'm going to have to start doing SRS.
I've installed postsrsd from https://github.com/roehling/postsrsd but
...
Sender quotas seem OK - based on SASL auth id. But and greylisting is
hosed. AIUI postsrsd rewrites the sender address before policyd gets
to process the message - so greylisting effectively gets "reset" every
day (when the SRS timestamp changes). Postsrsd integrates via these
Postfix incantations :
sender_canonical_maps = tcp:localhost:10001
sender_canonical_classes = envelope_sender
recipient_canonical_maps = tcp:localhost:10002
recipient_canonical_classes= envelope_recipient,header_recipient
I find that greylisting tends to be pretty invisible for a lot of
email - simply because a lot of it is between people who have
communicated before and it's whitelisted. But if it's "reset" every
day then it's going to be much more intrusive.
Any thoughts on ways round this ?
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
