# postgrey reject without any delay

## Panard

Hello,

I'm tring to setup postgrey (with postfix).

I followed the instruction, started postgrey, and add given restriction..

When receiving a mail, the mail is rejected, without prompting for any delay :

```

aragorn postfix/smtpd[17710]: NOQUEUE: reject: RCPT from bilbo.backzone.net[88.191.29.78]: 450 4.7.1 <panard@backzone.net>: Recipient address rejected: "Greylisted; from=<panard@backzone.net> to=<panard@backzone.net> proto=ESMTP helo=<bilbo>

```

From the client side, it's received as a 450 error (instead of 451 isn't it?), and it passes to the secondary mail server... :

```

bilbo postfix/qmgr[15292]: DD962890DB2: from=<panard@backzone.net>, size=285, nrcpt=1 (queue active)

bilbo postfix/smtp[31523]: DD962890DB2: host mail.backzone.net[82.66.167.12] said: 450 4.7.1 <panard@backzone.net>: Recipient address rejected: "Greylisted (in reply to RCPT TO command)

bilbo postfix/smtp[31523]: DD962890DB2: to=<panard@backzone.net>, relay=mxsec1.dedibox.com[88.191.254.8]:25, delay=1.7, delays=0.04/0.02/0.62/1, dsn=2.0.0, status=sent (250 OK id=1HiXnC-0003Ry-Rk)

```

I tried to add "--greylist-action=451" to postgrey option, but it does nothing..

Here are the concerned configuration :

```
/etc/postfix/main.cf

smtpd_recipient_restrictions =

        permit_mynetworks,

        reject_unauth_destination,

        reject_invalid_hostname,

        check_policy_service unix:private/postgrey,

        permit

```

```
/etc/conf.f/postgrey

#  Leave unchanged unless you know what you are doing.

#  (ignored if POSTGREY_TYPE is set to 'unix')

POSTGREY_HOST="127.0.0.1"

# PORT

#  What TCP port should postgrey listen on?

#  (ignored if POSTGREY_TYPE is set to 'unix')

POSTGREY_PORT="10030"

# SOCKET

#  Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'.

#  Leave unchanged unless you know what you are doing.

#  (ignored if POSTGREY_TYPE is set to 'inet')

POSTGREY_SOCKET="/var/spool/postfix/private/postgrey"

# PID

#  Postgrey pid file.

#  Do not change, if you don't know what this is!

POSTGREY_PID="/var/run/postgrey.pid"

# DELAY

#  How long to delay mail that is greylisted in seconds.

POSTGREY_DELAY=300

# TEXT

#  The response we'll send back with delayed mail.

POSTGREY_TEXT="Greylisted for %s seconds"

# Additional Postgrey options

#

# -v, --verbose                 increase verbosity level

# --max-age=N                   delete entries older than N days since the last time

#                               that they have been seen (default: 30)

# --retry-window=N              allow only N days for the first retrial (default: 2)

#                               append 'h' if you want to specify it in hours

# --greylist-action=A           if greylisted, return A to Postfix (default: DEFER_IF_PERMIT)

# --lookup-by-subnet            strip the last 8 bits from IP addresses (default)

# --lookup-by-host              do not strip the last 8 bits from IP addresses

# --whitelist-clients=FILE      default: /etc/postfix/postgrey_whitelist_clients

# --whitelist-recipients=FILE   default: /etc/postfix/postgrey_whitelist_recipients

#

# Note that the --whitelist-x options can be specified multiple times, and that

# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so

# that you can put there local entries.

#

POSTGREY_OPTS="--greylist-action=451"

```

Any help is welcome...

Thanks,

Panard

----------

## blubbi

I actually don't use postgrey but sqlgrey.

( http://gentoo-wiki.com/HOWTO_Email:_A_Complete_Virtual_System_-_GreyListing )

If there is no special reason why you use postgrey, try sqlgrey. Works flawless here.

loggs like this if a mail got greyed out:

sqlgrey: grey: new: 80.121.57.xxx(80.121.57.xxx), xyz@xyz.com -> myuser@mydomain.de

postfix/smtpd[28797]: NOQUEUE: reject: RCPT from xxx.adsl.highway.telekom.at[80.121.57.xxx]: 450 <myuser@mydomain.de>: Recipient address rejected: Greylisted for 5 minutes; from=<xyz@xyz.com> to=<myuser@mydomain.de> proto=SMTP helo=<xyz.adsl.highway.telekom.at>

Then when the mail is send again after the greylist time (5 minutes)

sqlgrey: grey: from awl match: updating 80.121.57.xxx(80.121.57.xxx)

mail-filter/sqlgrey

http://sqlgrey.sourceforge.net/

WebFrontend:

http://www.vanheusden.com/sgwi/

regards

blubbi

----------

## Stever

 *Panard wrote:*   

> Hello,
> 
> I'm tring to setup postgrey (with postfix).
> 
> I followed the instruction, started postgrey, and add given restriction..
> ...

 

That is how it is supposed to work.  There is no delay prompt, the greylist delay is just the minimum delay your mailserver will impose before accepting a message from outside.  Any 4xx reject code is a temporary error, and it is up to the SENDING mailserver to keep retrying at least that long if it wants to get the message through.

If you have a secondary mailserver, then it also needs to be greylisting or the whole idea just doesn't work.

----------

