I run my own email server using Postfix. For a long time I got barely any spam because my email addresses weren’t available in many places. I don’t remember how it happened, but that began to change when my email was included on CPAN. It wasn’t too bad however so I suffered without any spam filtering. Then, sites I used either sold my info or were hacked. The spam became annoying enough that I had to finally add SpamAssassin to the mix.

That helped a lot but every now and then a new deluge happens. Instead of getting fewer than ten spam emails in my inbox, I’ll get fifty or more. This is rather tedious and frustrating to deal with so I finally decided to add in greylisting with postgrey.

There aren’t a lot of recent tutorials about greylisting with Postfix but that could be because it’s rather simple. I found one example that was written in 2008 but updated in 2015. I shouldn’t have worried that much though. After installing, the postgrey(8) manpage says what to modify in Postfix’s main.cf file:

·   Put something like this in /etc/main.cf:

     smtpd_recipient_restrictions =
                   permit_mynetworks
                   ...
                   reject_unauth_destination
                   check_policy_service inet:127.0.0.1:10023

I did that, restarted postfix and waited. Gmail is in the safe exception list so I sent an email from Gmail and received it instantly. I followed the logs and saw a lot of spam email get greylisted and rejected. Some legitimate mail also got greylisted but sure enough, after the timeout it went through when the sender submitted it again. After two weeks of Postgrey running, I’ve had two spam emails make it to my inbox. Checking the spam folder and there are another 37 there.

I can’t believe I waited this long to implement greylisting.