---
Postgrey 1.32.0 on openSuSE Linux 10.2
This article describes the intregration of Postgrey into Postfix on a SuSE Linux 10.2 Server.
What is Postgrey?
- Postgrey is a Postfix policy server implementing greylisting developed byDavid Schweikert.
If you need more Information have a look at his homepage:Postgrey by David Schweikert.
Linux distribution does not comes with a precompiled package so we must compile the whole thing ourself.
System Description:
Standard SuSE linux 10.2 server, installed in runlevel3. No graphical system is required because it is a server and nothing more ;-)
Systemrequirements:
We use Cyrus-Imap as Mail Server so install the follwing packages via SuSE "YaST" and configure them.
- postfix
- amavisd-new
- spamassassin
- cyrus-imapd
- gcc, make
- glibc-devel
- Perl >= 5.6.0
- Net::Server (Perl Module)
- IO::Multiplex (Perl Module)
- BerkeleyDB (Perl Module)
- Berkeley DB >= 4.1 (Library)
Now we start:
Download and install Postgrey 1.32.0
$>cd /usr/local/src $>wget http://postgrey.schweikert.ch/pub/postgrey-1.32.tar.gz ... $>tar xzvf postgrey-1.32.tar.gz $>cd postgrey-1.32 $>rm COPYING Changes README README.exim $>chown -R root.root ./ $>cp -Rp * /etc/postfix
Now we start the Postgrey Daemon:
$>/etc/postfix/./postgrey -d --user=root --inet=127.0.0.1:60000 --delay=300 --hostname=mail.example.com --auto-whitelist-clients
Now we include Postgrey to Postfix:
$>vi /etc/postfix/main.cf
$>add this line "check_policy_service inet:127.0.0.1:60000" to your "smtpd_recipient_restrictions"
$>see example...
smtpd_recipient_restrictions =
reject_non_fqdn_recipient,
permit_tls_clientcerts,
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_unauth_pipelining,
check_policy_service inet:127.0.0.1:60000,
check_recipient_access pcre:/etc/postfix/recipient_checks,
check_helo_access pcre:/etc/postfix/helo_checks,
reject_unlisted_recipient
...
$>now restart postfix via "rcpostfix restart"
$>don't forget to have a look at mail.log if everything is working...
$>and don't forget do make a startup script add runlevel3!!!
Here an example of a startup script:
$>vi /etc/init.d/postgrey
$>add this into the script:
#! /bin/sh
#
# Author: Thomas Schneider alias komaii - http://wwww.komaii.com
# Copyright 2008 komaii
#
#
### BEGIN INIT INFO
# Provides:
# Required-Start: $network $syslog
# Should-Start:
# Required-Stop:
# Default-Start: 3 5
# Default-Stop:
# Description: start the Postgrey Daemon
### END INIT INFO
#
# /etc/init.d/postgrey
# and its link
# /usr/sbin/rcpostgrey
#
# Determine the base and follow a runlevel link name.
base=${0##*/}
link=${base#*[SK][0-9][0-9]}
POSTGREY_BIN=/etc/postfix/postgrey
NAME=POSTGREY
PIDFILE=/var/run/postgrey.pid
. /etc/rc.status
rc_reset
test -x $EXE || exit 0
case "$1" in
start)
echo -n "Starting the Postgrey policy server"
# Start the Postgrey policy server.
if ! checkproc -p $PIDFILE $POSTGREY_BIN; then
/sbin/startproc $POSTGREY_BIN -d --pidfile=$PIDFILE --user=root --inet=127.0.0.1:60000 --delay=300 --hostname=mail.example.com --auto-whitelist-clients=/etc/postfix/postgrey_whitelist_clients --whitelist-recipients=/etc/postfix/postgrey_whitelist_recipients
else
rc_reset
fi
rc_status -v
;;
stop)
echo -n "Stop the Postgrey policy server"
# Stop Postgrey
/sbin/killproc $POSTGREY_BIN
rc_status -v
;;
reload)
echo -n "Reload the Postgrey policy server"
/sbin/killproc -HUP $POSTGREY_BIN
rc_status -v
;;
status)
echo -n "Check the Postgrey policy server"
/sbin/checkproc $POSTGREY_BIN
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|reload|status}"
exit 1
esac
rc_exit
$>chmod 755 /etc/init.d/postgrey
$>start YaST and activate the script via runlevel or use "chkconfig -a postgrey"
$>see it with "chkconfig -l"
$>and check it with "netstat -tulpen | grep LISTEN" if the daemon is running.
$>you can download the script here postgrey