Greylisting is a technique that will help in preventing spam entering your inbox. Greylisting is related to whitelisting and blacklisting. Every time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a “try again later”-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again – but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. For more information on the workings of greylisting you could read: Greylisting.org

I’ve choosen SQLGrey as it is a good solution and it is very simple to install and operate. SQLGrey is written in Perl which is available on every Mac and uses MySQL for datastorage, but to get it working we will need to add some mandatory Perl modules.

As not many people use Perl on a daily basis it would be good to update the CPAN installation. Execute the following command and accept all the default values:

sudo perl -MCPAN -e 'install Bundle::CPAN'

Next the MySQL module, this might give an error when the MySQL root user has a password (which it should) therefore we need to follow a different procedure:

sudo perl -MCPAN -e shell

Now you sould get the ‘cpan>‘ prompt and then enter:

force install Bundle::DBD::mysql

followed by ‘exit‘ to return to the regular bash prompt.

Next are the Net::Server and IO::Multiplex modules:

sudo perl -MCPAN -e 'install Net::Server'

sudo perl -MCPAN -e 'install IO::Multiplex'

When all the Perl modules are installed we are ready to ceate the database for SQLGrey.

Startup a mysql session and enter the following commands to create the SQLGrey database and user:

CREATE DATABASE sqlgrey;
GRANT ALL ON sqlgrey.* TO sqlgrey@localhost identified by 'sqlgreypassword';

At the first startup of SQLGrey the tables and all will be created automatically. Next step is creating a dedicated user called ’sqlgrey’ for running the SQLGrey daemon. Please note the difference between Leopard and Tiger.

Leopard
sudo dscl . -create /Users/_sqlgrey
sudo dscl . -create /Users/_sqlgrey UserShell /usr/bin/false
sudo dscl . -create /Users/_sqlgrey UniqueID 103
sudo dscl . -create /Users/_sqlgrey PrimaryGroupID 27
sudo dscl . -create /Users/_sqlgrey NFSHomeDirectory /var/empty
sudo dscl . -passwd /Users/_sqlgrey ''

Tiger
sudo niutil -create / /users/sqlgrey
sudo niutil -createprop / /users/sqlgrey uid 103
sudo niutil -createprop / /users/sqlgrey gid 27
sudo niutil -createprop / /users/sqlgrey shell "/usr/bin/false"
sudo niutil -createprop / /users/sqlgrey home "/var/empty"
sudo niutil -createprop / /users/sqlgrey passwd "*"

If you’ve downloaded SQLGrey from sourceforge please unpack it and ‘cd’ into the directory and run the following commands:

make
sudo make install

Next you need to edit the configuration file called ‘sqlgrey.conf‘ in the directory ‘/etc/sqlgrey/‘. I only show you the changes that are different from the default settings: (On Tiger don’t use the underscore in username and group)

user = _sqlgrey
group = _postfix
 
db_type = mysql
db_name = sqlgrey
db_host = localhost
db_port = default
db_user = sqlgrey
db_pass = sqlgreypassword
 
admin_mail = info@richard5.net

Next you need to create some extra files in the configuration directory for whitelist purposes:

sudo touch /etc/sqlgrey/clients_ip_whitelist.local
sudo touch /etc/sqlgrey/clients_fqdn_whitelist.local

To test if everything is configured correctly you could startup SQLGrey from the commandline using:

sudo sqlgrey -d &

You should see some logging appear in the /var/log/mail.log file, the database tabes should be created and a .pid file should appear in /var/run/

If everything looks allright you can change the postfix configuration to use the greylisting option. You’ll need to edit ‘main.cf‘ in ‘/etc/postfix‘ please change the section with ‘smtpd_recipient_restrictions‘ and add the line as shown below. Please note the difference when using DSpam:

without DSpam
smtpd_recipient_restrictions =
  reject_unauth_pipelining,
  reject_non_fqdn_recipient,
  reject_unknown_recipient_domain,
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_unauth_destination,
  warn_if_reject,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_invalid_hostname,
  reject_rbl_client zen.spamhaus.org,
  check_policy_service inet:127.0.0.1:2501, #added line
  permit

with DSpam
smtpd_recipient_restrictions =
  reject_unauth_pipelining,
  reject_non_fqdn_recipient,
  reject_unknown_recipient_domain,
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_unauth_destination,
  warn_if_reject,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_invalid_hostname,
  reject_rbl_client zen.spamhaus.org,
  check_policy_service inet:127.0.0.1:2501, #added line
  check_client_access pcre:/etc/postfix/dspam_filter_access

To activate the changes in postfix run the command:

sudo postfix reload

You now can test the complete setup by sending yourself an email using an external mail server like gmail.

Next step: Starting SQLGrey on startup