Last week I migrated our 5-year-old Postfix mail server to Slicehost, and took the opportunity to install some spam-fighting tools that weren't available 5 years ago. In the process, I noticed that my primary email account's junk folder went from adding 1000+ spam emails a day to fewer than 20. I hesitated to blog about it, but the results keep getting better after 1 week.
It's amazing how easy it was to do this, thanks to Postgrey and Ubuntu.
Below are the exact commands I typed to get this up and running.
    $ apt-get install postgrey
    $ postconf -e 'smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023'
    $ /etc/init.d/postfix reload
So what is Greylisting?
Greylisting relies on the fact that most spam sources do not behave in the same way as "normal" mail systems. Postgrey, a greylisting add-on for Postfix, automatically issues a temporary rejection for every email that appears to be a new combination of client_ip/sender/recipient. When a "normal" mail server receives the rejection, it will automatically try to resend the email, and once 5 minutes have passed since the first attempt, Postgrey lets the retried email through to you.
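The decision described above can be sketched as a small policy service. This is an added example, not Postgrey's own code: the request attributes (client_address, sender, recipient) and the DEFER_IF_PERMIT and DUNNO actions come from Postfix's policy delegation protocol, while the Greylist class, the helper names, the in-memory store and the sample request are assumptions made for illustration.

```python
import time

DELAY = 300  # seconds; the 5 minutes described in the text


class Greylist:
    """In-memory greylist keyed on the (client_ip, sender, recipient) triplet."""

    def __init__(self, delay=DELAY, clock=time.time):
        self.delay = delay
        self.clock = clock          # injectable so the delay can be tested
        self.first_seen = {}        # triplet -> time of the first attempt

    def check(self, attrs):
        """Return the Postfix policy action for one parsed request."""
        triplet = (attrs.get("client_address", ""),
                   attrs.get("sender", ""),
                   attrs.get("recipient", ""))
        now = self.clock()
        # A new triplet is recorded now; a known one keeps its first timestamp.
        first = self.first_seen.setdefault(triplet, now)
        if now - first >= self.delay:
            return "DUNNO"  # no objection: remaining restrictions decide
        # Temporary (4xx) rejection: a real mail server queues and retries.
        return "DEFER_IF_PERMIT Greylisted, please retry later"


def parse_request(text):
    """Parse a policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs


def handle(greylist, request_text):
    """Build the reply Postfix expects: 'action=...' followed by a blank line."""
    return "action=%s\n\n" % greylist.check(parse_request(request_text))


# Constructed sample request using documentation addresses, not real traffic.
SAMPLE = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
          "client_address=192.0.2.10\nsender=alice@example.org\n"
          "recipient=bob@example.com\n\n")
```

A sender that never retries stays deferred forever, which is why the first-attempt timestamp, not the latest one, is what gets compared against the delay.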
I wish we had installed this sooner. The amount of spam I was receiving was closer to 3,000 emails per day across all company email addresses. I no longer worry that legitimate emails get marked as spam; when they do, it only takes a few seconds to scan my Junk folder and pull them out.
There is a good discussion on Hacker News about some downsides to this approach.
I should also mention SendGrid is handling our transactional emails, and they are awesome.
If you are interested in the entire mail server setup, I followed these guides: 1, 2, 3, 4. Also, for some reason related to SASL, I could not send email until dovecot-postfix was installed after all of the configuration.