Postgrey
Views:
Contents |
Introduction
This page describes installing postgrey on a SLES9 server.
This document has been superseded by Email Server/Postgrey
There is a new page on postgrey, Email Server/Postgrey, which is part of the Email Server pages
About
Postgrey is a greylising server for postfix, it looks up incomming mails to see if its seen the server before. If it has then they are let through, if not instead of accepting the mail it sends a buisy message to the sending server, requesting that they try afgain later. Proper mail servers will of course do as they are told and will sned them mail later. However spam bots will just give up and move on.
Install
Postgrey is not availabe from yast. It is wrtten in perl, as such its not compiled.
Requires
- Perl (version ≥ 5.6.0)
- Net::Server
- IO::Multiplex
- BerkeleyDB (Perl module)
- Berkeley DB (Library, version ≥ 4.1)
and a startup script, this seems to work:
#!/bin/sh
#by Kieran and Tom Spring 2007
prog="/usr/local/sbin/postgrey"
swiches="--daemonize --dbdir=/var/lib/postgrey --pidfile=/var/lib/postgrey/postgrey.pid --inet=127.0.0.1:60000 --user=postgrey --group=postgrey"
prog_base="$(basename ${prog})"
RETVAL=0
case "$1" in
start)
echo "Starting ${prog_base}" `${prog} ${swiches}`
RETVAL=$?
;;
stop)
echo "Shutting down $prog_base"
kill `cat /var/lib/postgrey/postgrey.pid `
RETVAL=$?
echo
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
reload)
echo "Reload not available restarting"
$0 stop
$0 start
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit $RETVAL
note the swiches used on the command line are most of Postgreys config, and are therefore specified in the startup file:
- /etc/init.d/postgrey
Install Process
Thuis is rocket science, make a user called postgrey, copy the files from the distro into the right places make sure the file permissions and ownership are right and start it up. Use the list below for guidence. When its running edit the /etc/postfix/main.cf postfix file and in the smtpd_recipient_restrictions section add a line like check_policy_service inet:127.0.0.1:60000, to have postfix comunicate with postgrey.
the full text to start posrgrey by hand is:
- /usr/local/sbin/postgrey --daemonize --dbdir=/var/lib/postgrey --pidfile=/var/lib/postgrey/postgrey.pid --inet=127.0.0.1:60000 --user=postgrey --group=postgrey
Files
Config files
- /etc/postfix/whitelist_clients - force override of greylisting
- /etc/postfix/whitelist_recipients - force overriding of greylisting
- /etc/postfix/postgrey - config file
Executables
- /usr/local/bin/postgreyreport - Generates report on how much greylising has been done
- /usr/local/sbin/postgrey - that actual program
other bits
- /var/lib/postgrey - working dir cotnains:
-rw------- 1 postgrey postgrey 24576 2007-04-11 12:52 __db.001 -rw------- 1 postgrey postgrey 163840 2007-04-11 12:52 __db.002 -rw------- 1 postgrey postgrey 270336 2007-04-11 12:52 __db.003 -rw------- 1 postgrey postgrey 98304 2007-04-11 12:52 __db.004 -rw------- 1 postgrey postgrey 40960 2007-04-11 12:52 __db.005 -rw------- 1 postgrey postgrey 10485760 2007-04-16 10:25 log.0000000001 -rw------- 1 postgrey postgrey 40960 2007-04-16 09:26 postgrey_clients.db -rw------- 1 postgrey postgrey 278528 2007-04-16 10:16 postgrey.db -rw------- 1 postgrey postgrey 0 2007-04-11 11:45 postgrey.lock -rw-r--r-- 1 postgrey postgrey 5 2007-04-11 12:52 postgrey.pid
