Answer the question
In order to leave comments, you need to log in
F
F
fox_ch22019-02-11 19:15:30
fox_ch2, 2019-02-11 19:15:30
How to configure gray lists (Postfix + Postgrey+Exchange) correctly?
I have a configured configuration from
Postfix - as an external MTA and an
Exchange spam cutter - as the final server for receiving letters
I screwed it to my Postfix - PostGrey - in order to cut off very impudent spam and noticed such nonsense that in the modern world a lot of companies use Office365 and other public mailers for
spammers keep up and start sending spam from outlook.com / google.com servers as well Postgrey
for some reason checks the sender's host, not the mail domain and as a result I have a carousel until this chain works and the letter will end up in the mailbox.
Feb 11 18:52:50 post postfix/smtpd[24897]: NOQUEUE: reject: RCPT from mail-eopbgr70121.outbound.protection.outlook.com[40.107.7.121]: 450 4.2.0 <*@apkholding.ru>: Sender address rejected: Greylisted, see http://postgrey.schweikert.ch/help/***.ru.html; from=<*@apkholding.ru> to=<***> proto=ESMTP helo=<EUR04-HE1-obe.outbound.protection.outlook.com>
Feb 11 18:53:46 post postfix/smtpd[24903]: NOQUEUE: reject: RCPT from mail-eopbgr00135.outbound.protection.outlook.com[40.107.0.135]: 450 4.2.0 <*@apkholding.ru>: Sender address rejected: Greylisted, see http://postgrey.schweikert.ch/help/***.ru.html; from=<*@apkholding.ru> to=<***> proto=ESMTP helo=<EUR02-AM5-obe.outbound.protection.outlook.com>
Feb 11 18:55:45 post postfix/smtpd[24897]: NOQUEUE: reject: RCPT from mail-eopbgr140055.outbound.protection.outlook.com[40.107.14.55]: 450 4.2.0 <*@telsell.telecontact.ru>: Sender address rejected: Greylisted, see http://postgrey.schweikert.ch/help/***.ru.html; from=<*@telsell.telecontact.ru> to=<***> proto=ESMTP helo=<EUR01-VE1-obe.outbound.protection.outlook.com>
Feb 11 18:55:50 post postfix/smtpd[24903]: NOQUEUE: reject: RCPT from mail-eopbgr20056.outbound.protection.outlook.com[40.107.2.56]: 450 4.2.0 <*@telsell.telecontact.ru>: Sender address rejected: Greylisted, see http://postgrey.schweikert.ch/help/***.ru.html; from=<*@telsell.telecontact.ru> to=<***> proto=ESMTP helo=<EUR02-VE1-obe.outbound.protection.outlook.com>Help, help good people
how to write in whitelist_client so that it is not the sender host that is checked for exceptions, but the sender domain
when inserting @gmail.com
letters are still sent to the greylist, since the sender host is google.com
or maybe you need to insert this check into another section in etc\postfix\main.cf
spoiler
smtpd_recipient_restrictions =
reject_non_fqdn_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_invalid_hostname
reject_unauth_destination
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_unknown_hostname
reject_rbl_client zen.spamhaus.org
reject_rbl_client bl.spamcannibal.org
reject_rbl_client dul.dnsbl.sorbs.net
check_sender_access hash:/etc/postgrey/whitelist_recipients
check_policy_service inet:127.0.0.1:10023
check_policy_service unix:private/policyd-spf
reject_non_fqdn_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_invalid_hostname
reject_unauth_destination
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_unknown_hostname
reject_rbl_client zen.spamhaus.org
reject_rbl_client bl.spamcannibal.org
reject_rbl_client dul.dnsbl.sorbs.net
check_sender_access hash:/etc/postgrey/whitelist_recipients
check_policy_service inet:127.0.0.1:10023
check_policy_service unix:private/policyd-spf
And sometimes important letters hang on the forwarding carousel for a couple of hours
Similar questions
L
Levani Ramazashvili2016-09-27 21:50:30
Is the site's ssl certificate suitable for the mail server?
3Reply
U
R
K
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question