Part 13. GreyListing.

The list of articles cycle

The work of gray lists is based on the fact that spammers in case of sending errors often do not send the letter a second time, and legitimate mail servers will try to send a letter for at least two days.

When the message is received for the first time our server returns an error 450 (message not accepted due to a temporary error) and terminates the session,

After a specified timeout (default 300 seconds) the message will be accepted and address of the sender server will be temporary whitelisted. The server will stay in this list for 35 days since the last successful session by default


Let’s install the necessary software

# apt install postgrey

Postfix configuring

Changing the Postfix configuration

In the file add a check to the smtpd_recipient_restrictions block. To do this, we will add the following line:

check_policy_service inet:

it is better to put it right after the line


Postgrey configuring

The main configuration file is /etc/default/postgrey

Let’s change POSTGREY_OPTS parameter to the

POSTGREY_OPTS = "--inet= --delay=20 --max-age=60 --whitelist-clients=/etc/postgrey/whitelist_clients"


--inet= postgrey listens for the connection at the appropriate IP address and port

--delay=20 delay in seconds before receiving a message, that is, the first message will be rejected, and the second, if it arrives in 20 seconds or more, will be accepted.

--max-age=60 the number of days the server is in the whitelist

--whitelist-clients=/etc/postgrey/whitelist_clients file with a whitelist of sender servers


Setting up a permanent servers whitelist

Servers whitelist contained in the file /etc/postgrey/whitelist_clients
Each sender server is recorded on a separate line in this file. This may be either a domain name or a regular expression that matches the domain name or IP address.

Example of the file part:



The list of articles cycle


You can buy the book

"Mail server based on Postfix,

Dovecot and RoundCube"

in electronic form in the store