[Gross] Gross not greylisting in postfix properly [?]

Sun Oct 26 11:24:19 EET 2008

Current greylisting with gross:

Oct 26 04:37:28 p34 postfix/smtpd[11478]: connect from dslb-084-061-200-033.pools.arcor-ip.net[84.61.200.33]
Oct 26 04:37:28 p34 grossd: #40fdb950: a=greylist d=123 w=3 c=84.61.200.33 s=nicotine at herbalwerks.com r=user at destination.com h=xppe.arcor-ip.net m=zen.spamhaus.org+3

[ .. ] a later policy/restriction takes over instead [ .. ]

Oct 26 04:37:28 p34 postfix/geoip[11481]: address[84.61.200.33] country[DE, Germany] result[strictcheckslvl2] 
Oct 26 04:37:28 p34 postfix/smtpd[11478]: NOQUEUE: reject: RCPT from dslb-084-061-200-033.pools.arcor-ip.net[84.61.200.33]: 454 4.7.1 Service unavailable; Client host [84.61.200.33] blocked using dul.dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?84.61.200.33; from=<nicotine at herbalwerks.com> to=<user at destination.com> proto=SMTP helo=<xppe.arcor-ip.net>
Oct 26 04:37:28 p34 postfix/smtpd[11478]: disconnect from dslb-084-061-200-033.pools.arcor-ip.net[84.61.200.33]

To fix this same problem in postgrey, one modifies the POSTGREY_OPTS from:

(Default = DEFER_IF_PERMIT)

POSTGREY_OPTS="--inet=127.0.0.1:60000"

To:

POSTGREY_OPTS="--inet=127.0.0.1:60000 --greylist-action=421"

So when it gets to the specific restriction in postfix [grossd] it will
greylist and not continue to the next check.

Is this possible to get this added into grossd or make the action specifiable?
So grossd greylists the e-mail first before it gets to the next check?

------

So I disabled all other policies in postfix to test the greylisting 
feature in grossd and disabled the BLOCK in grossd (which works well):

Oct 26 05:02:31 p34 postfix/smtpd[25864]: connect from dslb-084-061-200-033.pools.arcor-ip.net[84.61.200.33]
Oct 26 05:02:31 p34 grossd: #40fdb950: a=match d=0 w=0 c=84.61.200.33 s=nicotine at herbalwerks.com r=user at destination.com h=xppe.arcor-ip.net
Oct 26 05:02:31 p34 postfix/smtpd[25864]: 857323288A: client=dslb-084-061-200-033.pools.arcor-ip.net[84.61.200.33]
Oct 26 05:02:31 p34 postfix/cleanup[25868]: 857323288A: message-id=<1421119838.20081026090052 at jawaclub.com>
Oct 26 05:02:32 p34 postfix/qmgr[24721]: 857323288A: from=<nicotine at herbalwerks.com>, size=4220, nrcpt=1 (queue active)
Oct 26 05:02:32 p34 postfix/smtpd[25864]: disconnect from dslb-084-061-200-033.pools.arcor-ip.net[84.61.200.33]
Oct 26 05:02:33 p34 postfix/smtpd[25872]: connect from localhost.localdomain[127.0.0.1]
Oct 26 05:02:33 p34 postfix/smtpd[25872]: 58D0A41E473: client=localhost.localdomain[127.0.0.1]
Oct 26 05:02:33 p34 postfix/cleanup[25868]: 58D0A41E473: message-id=<1421119838.20081026090052 at jawaclub.com>
Oct 26 05:02:33 p34 postfix/smtpd[25872]: disconnect from localhost.localdomain[127.0.0.1]
Oct 26 05:02:33 p34 postfix/qmgr[24721]: 58D0A41E473: from=<nicotine at herbalwerks.com>, size=4912, nrcpt=1 (queue active)
Oct 26 05:02:33 p34 amavis[922]: (00922-06) Passed SPAM, [84.61.200.33] [84.61.200.33] <nicotine at herbalwerks.com> -> <user at destination.com>, Message-ID: <1421119838.20081026090052 at jawaclub.com>, mail_id: PjrnJnmguvMK, Hits: 3.884, size: 4220, queued_as: 58D0A41E473, 1363 ms
Oct 26 05:02:33 p34 postfix/lmtp[25869]: 857323288A: to=<user at destination.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2, delays=0.68/0/0/1.4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=00922-06, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 58D0A41E473)
Oct 26 05:02:33 p34 postfix/qmgr[24721]: 857323288A: removed
Oct 26 05:02:34 p34 postfix/local[25873]: 58D0A41E473: to=<user at destination.com>, relay=local, delay=1.1, delays=0.02/0/0/1.1, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
Oct 26 05:02:34 p34 postfix/qmgr[24721]: 58D0A41E473: removed

If you check the IP: 84.61.200.33

It is listed in zen.spamhaus.org:
dnsbl = zen.spamhaus.org;3
The threshold:
grey_threshold = 1
And block_threshold is default (0).

Why did this get let through and not greylisted instead?

Justin.