DragonFly On-Line Manual Pages
GREYFIX(8) DragonFly System Manager's Manual GREYFIX(8)
NAME
greyfix - A greylisting policy daemon for Postfix
SYNOPSIS
greyfix [-Vvd] [-h home_directory] [-g delay_period]
[-b bloc_idle_period] [-p pass_period] [-r reject_action]
[-G greylist_action] [-/ prefix_size] [-6 prefix_size]
[--dump-triplets] [--help]
DESCRIPTION
greyfix is a efficient greylisting policy daemon for Postfix.
The options are:
-V, --version
Show version information.
-v, --verbose
Verbose logging.
-d, --debug
Debug logging.
--help Show usage information.
--dump-triplets
Dump the triplets database to stdout. Mostly for debugging
purposes.
-b seconds, --bloc-max-idle seconds
How many seconds of life are given to a record that is created
from a new mail (ip, from, to) triplet. Note that the window
created by this setting for passing mails is reduced by the
amount set for --greylist-delay. Also see --pass-max-idle.
Defaults to 18000.
-g seconds, --greylist-delay seconds
How many seconds we will block inbound mail that is from a
previously unknown (ip, from, to) triplet. If it is set to zero,
incoming mail association will be learned, but no deliveries will
be tempfailed. Use a setting of zero with caution, as it will
learn spammers as well as legitimate senders. Defaults to 3480.
-h home_directory, --home home_directory
Location of the Berkeley DB environment home location. Defaults
to /var/db/greyfix.
-p seconds, --pass-max-idle seconds
How long to give to a record we are updating from an allowed
(passed) email.
The default is 3110400, which should be enough to handle messages
that may only be sent once a month, or on things like the first
monday of the month (which sometimes means 5 weeks). Plus, we add
a day for a delivery buffer.
-r action, --reject-action action
The reject action directive that will be used. See access(5) for
valid actions. The placeholder %d expand to the number of
seconds, %p to the empty string if %d expands to 1 or "s"
otherwise, %s to a single space, and %% to "%".
The default is "DEFER_IF_PERMIT Greylisted by greyfix 0.4.0, try
again in %d second%p. See http://www.kim-minh.com/pub/greyfix/
for more information."
-G action, --greylisted-action action
The action that will be used the first time a triplet passes
greylisting. Same expansion as for --reject-action.
The default is "PREPEND X-Greyfix: Greylisted by greyfix 0.4.0
for %d second%p. See http://www.kim-minh.com/pub/greyfix/ for
more information."
-/ prefix_size, --network-prefix prefix_size
Only consider the first prefix_size bits of an IPv4 address.
Defaults to 32, i.e., the whole address is significant.
-6 prefix_size, --network6-prefix prefix_size
Only consider the first prefix_size bits of an IPv6 address.
Defaults to 128, i.e., the whole address is significant.
USAGE
Edit Postfix's master configuration file,
/usr/local/etc/postfix/master.cf, and add the following:
greyfix unix - n n - - spawn
user=nobody argv=/usr/local/sbin/greyfix -/ 24 -6 56
Edit Postfix's main configuration file, /etc/postfix/main.cf, and add the
following:
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination,
check_policy_service unix:private/greyfix
If there is already an smtpd_recipient_restrictions configuration line,
you should edit it rather than add a new one. The important part for
Greyfix is that you should add check_policy_service unix:private/greyfix
to it. Finally, have Postfix reload its configuration with postfix
reload.
NOTES
Logs
Greyfix logs to syslog(3) with the LOG_MAIL facility. As such, the log
messages should appear along Postfix's.
ALSO SEE
access(5)
AUTHORS
greyfix was written by Kim Minh Kaplan <http://www.kim-minh.com/>.
DragonFly 6.5-DEVELOPMENT April 26, 2014 DragonFly 6.5-DEVELOPMENT