Before I started the migration to Virtualmin for my hosting needs, I was running my stuff on Windows (well, I still am, partly), and used a self-written SMTP gateway software for first-level spam filtering. I had coded a mixture of protocol and header inspection, selective greylisting, tarpitting and DNSBL queries there. I found it to be working very well.
Now I’m wondering if the same or a similar functionality can be achieved with Linux.
After googling around for a while, I’m quite positive the aim can be achieved using the software listed in the subject, but I haven’t found any article which would describe a combination that results in my precise setup.
So, maybe if there’s some Postfix-versed users here, those could give me a hint? I’m trying to achieve the following:
First, I do some protocol and header checks. Reject invalid HELO and Spamhaus-listed IPs and stuff. Those things are/should be possibe with Postfix (already using Spamhaus there) and policyd-weight.
Then I choose which delivery attempts should go through greylisting. I employ both regular expressions on the deliverer IP’s reverse-DNS (to scan for dialup-like-looking hostnames) and query a DNSBL that lists dialup IPs. I’ve seen regular expressions and DNSBL queries in policyd-weight, but not yet how one can combine those to tell Postfix that it should do Greylisting if any of those match.
For Greylisting, I use a very high retry-time of like 6 hours. Since only dialup IPs should be caught in this, and most spam comes from there, and what comes from there is mostly spam, I find that appropriate. If a spammer is “intelligent” enough to actually retry after that long time, they’re usually listed in Spamhaus meanwhile. Gotcha.
So, basically I’d like to combine Postgrey and policyd-weight, to “super-greylist” only connections whose RDNS matches regexps or are listed in dialup DNSBLs. Can that be done? And if so, how?
Thanks in advance for help!