Postgrey

Sometimes you come across solutions for known problems that are simply elegant. One of the biggest problems anyone on the 'net has trouble with is email spam. There are lots of solutions to tackle the problem, but sometimes you come across one that's genius in its simplicity. Bart installed Postgrey on our backup MX machine. (Well, actually, it's a Xen virtual machine that acts as our backup MX.)

Postgrey is a program that works together with the Postfix MTA we widely deploy. It takes a token from each email it receives. The token is built as CLIENT_IP / SENDER / RECIPIENT, so it is quite easily obtained. If Postgrey detects the first occurrence of a certain combination, it rejects the email with a 4xx error. The 4xx error tells email servers to try again later, so any normal MTA will just try again later, usually the next hour or so. Most spamming tools, however, employ a mechanism that doesn't fully implement the SMTP protocol. They just try to get the message out to as many hosts as possible and don't really look at the response code. So this is a nice way to easily reject spam. Although there's still a need for spam checkers, their load is really reduced. (If you want more information, take a look at the whitepaper about greylisting.)
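The decision described above, as an added Python sketch (not Postgrey's own code, which is a Perl policy server for Postfix). The `Greylist` class, the reply strings, the sample attempts and the `MIN_DELAY` / `MAX_AGE` values are assumptions made for illustration.

```python
from dataclasses import dataclass, field

MIN_DELAY = 300            # assumed: seconds a retry must wait before it is accepted
MAX_AGE = 35 * 24 * 3600   # assumed: seconds an idle triplet is remembered

DEFER = "450 4.2.0 Greylisted, try again later"   # constructed 4xx reply text
ACCEPT = "250 2.0.0 Ok"                           # constructed 2xx reply text

@dataclass
class Greylist:
    # triplet -> [first_seen, last_seen]; a real deployment persists this to disk
    seen: dict = field(default_factory=dict)

    def check(self, client_ip, sender, recipient, now):
        """Return (accepted, smtp_reply) for one delivery attempt at time `now`."""
        key = (client_ip, sender, recipient)      # CLIENT_IP / SENDER / RECIPIENT
        entry = self.seen.get(key)
        if entry is not None and now - entry[1] > MAX_AGE:
            entry = None                          # stale record: first contact again
        if entry is None:
            self.seen[key] = [now, now]           # first occurrence: remember, defer
            return False, DEFER
        entry[1] = now
        if now - entry[0] < MIN_DELAY:
            # Retried almost immediately, as fire-and-forget senders do: keep deferring
            return False, DEFER
        return True, ACCEPT                       # a real MTA came back after queueing

def replay(attempts):
    """Run (time, ip, sender, recipient) attempts through one greylist."""
    gl = Greylist()
    return [gl.check(ip, s, r, t)[0] for (t, ip, s, r) in attempts]

# Constructed sample traffic (documentation-range IPs and example domains)
SAMPLE = [
    (0,    "192.0.2.10",   "alice@example.org", "bob@example.net"),  # MTA, first try
    (5,    "198.51.100.7", "promo@example.com", "bob@example.net"),  # bulk tool, first try
    (6,    "198.51.100.7", "promo@example.com", "bob@example.net"),  # instant retry
    (3600, "192.0.2.10",   "alice@example.org", "bob@example.net"),  # queued retry, 1h later
    (3700, "192.0.2.10",   "alice@example.org", "bob@example.net"),  # next mail, known triplet
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

Only the sender that queues the message and returns after the delay gets through, and once a triplet is known, later mail for it is accepted without any wait.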

Look at the graphs below. You can see that Bart made the machine backup MX on Saturday. Around midday on Monday he installed Postgrey to greylist incoming email. We don't know how many of the messages that came through were still spam, but the load on the SpamAssassin machine at least is reduced quite a lot.

[Figure: graph showing the mail traffic on secondary.cidev.nl]

We're only deploying it at the backup MX at the moment, because it still delays sent mail a little and a lot of spam never tries the main MX. So at least it's some reduction. But I can imagine big sites finding a major boon in this program.
