Using Greylisting in Postfix

Greylisting can be a pretty effective method for reducing the amount of spam you receive. It works by temporarily rejecting emails. Valid email servers will then retry delivery, and be allowed through while spammers will (hopefully) give up.

1. Start with a fully updated and configured Postfix server.
2. Install Postgrey:

   sudo apt -y install postgrey

3. Configure Postfix to use Postgrey:

   cp /etc/default/postgrey /tmp
   sed -i 's/POSTGREY_OPTS="--inet=10023"/POSTGREY_OPTS="--inet=127.0.0.1:10023 --delay=180"/' /tmp/postgrey
   sudo mv /tmp/postgrey /etc/default/
    
   SRR=$(postconf -p smtpd_recipient_restrictions | sed 's/smtpd_recipient_restrictions = //g')
    
   if [ -z "$SRR" ]; then
        SRR="check_policy_service inet:127.0.0.1:10023";
   else
        SRR="$SRR,check_policy_service inet:127.0.0.1:10023"
   fi
    
   sudo postconf -e "smtpd_recipient_restrictions = $SRR"

4. Restart Postfix and Postgrey:

   sudo systemctl restart postfix
   sudo systemctl restart postgrey