How to: Enable Greylisting to Prevent Spam
==========================================

Greylisting means that the server will initially reject mail from unknown senders and then accept the message upon the second attempt. This involves a greet delay, so messages will have to wait a few seconds before being accepted. Legitimate mail will wait, but spam will generally not. Further information can be found `here `__.

Enabling both greylisting and tarpitting can be even more effective in reducing spam. Documentation on how to enable tarpitting can be found :doc:`here `.

.. contents::

To Enable Greylisting
---------------------

#. Log in to the server at the CLI as root, either via SSH or from the terminal.

#. At the CLI, use the text editor to open ``/etc/tcprules.d/tcp.smtp``. By default, the contents of the file should look similar to the following:

   .. code-block::

      127.:allow,RELAYCLIENT=""
      ::1:allow,RELAYCLIENT=""
      :allow,LANG="en_US",QMAILQUEUE="/var/qmail/bin/simscan",CHKUSER_MBXQUOTA="99"

#. Add ``,JGREYLIST=""`` to the end of the first two lines. The ``/etc/tcprules.d/tcp.smtp`` file on some servers will have this information included by default. If that is the case, this step can be skipped.

   .. code-block::

      127.:allow,RELAYCLIENT="",JGREYLIST=""
      ::1:allow,RELAYCLIENT="",JGREYLIST=""
      :allow,LANG="en_US",QMAILQUEUE="/var/qmail/bin/simscan",CHKUSER_MBXQUOTA="99"

#. On the line that begins with ``:allow``, add ``JGREYLIST_DIR="/var/qmail/jgreylist"``

   .. code-block::

      127.:allow,RELAYCLIENT="",JGREYLIST=""
      ::1:allow,RELAYCLIENT="",JGREYLIST=""
      :allow,LANG="en_US",QMAILQUEUE="/var/qmail/bin/simscan",CHKUSER_MBXQUOTA="99",JGREYLIST_DIR="/var/qmail/jgreylist"

#. Save and exit the text editor.

#. At the CLI, use the text editor to open ``/service/smtp/run``. By default, the beginning of the file should look similar to the following:

   .. code-block::

      #!/bin/sh
      QMAILDUID=`id -u vpopmail`
      NOFILESGID=`id -g vpopmail`
      MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
      BLACKLIST=`cat /var/qmail/control/blacklists`
      SMTPD="/var/qmail/bin/qmail-smtpd"
      TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
      RBLSMTPD="/usr/bin/rblsmtpd"
      HOSTNAME=`hostname`
      VCHKPW="/home/vpopmail/bin/vchkpw"
      #GREYLIST="/var/qmail/bin/jgreylist"
      ARCH=`uname -i`

#. Uncomment the ``GREYLIST`` variable by removing the ``#``

   .. code-block::

      #!/bin/sh
      QMAILDUID=`id -u vpopmail`
      NOFILESGID=`id -g vpopmail`
      MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
      BLACKLIST=`cat /var/qmail/control/blacklists`
      SMTPD="/var/qmail/bin/qmail-smtpd"
      TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
      RBLSMTPD="/usr/bin/rblsmtpd"
      HOSTNAME=`hostname`
      VCHKPW="/home/vpopmail/bin/vchkpw"
      GREYLIST="/var/qmail/bin/jgreylist"
      ARCH=`uname -i`

#. Save and exit the text editor.

#. At the CLI, make sure that the ``/var/qmail/jgreylist`` directory is owned by ``vpopmail:vchkpw``

   .. code-block::

      [root@server ~]# ls -ld /var/qmail/jgreylist
      drwx------. 2 vpopmail vchkpw 6 May 12 2020 /var/qmail/jgreylist
      [root@server ~]#

   - If the directory is not owned by ``vpopmail:vchkpw``, update the ownership

     .. code-block::

        chown vpopmail:vchkpw /var/qmail/jgreylist

#. Restart smtp

   .. code-block::

      service smtp restart
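
The following check script is an added example, not part of the original documentation: it verifies each edit from the steps above (the three ``tcp.smtp`` rules, the uncommented ``GREYLIST`` line, and the directory ownership). The function names are hypothetical. It also flags a compiled ``tcp.smtp.cdb`` that is older than ``tcp.smtp``, on the assumption that the SMTP service reads the compiled file named by ``TCP_CDB`` rather than the text file.

```shell
#!/bin/sh
# Added example (not from the original page): verify the greylisting edits.
# Default paths are the ones used on this page; pass copies to test safely.

# rule_has FILE REGEX TEXT: true if the first rule matching REGEX contains TEXT.
rule_has() {
    grep -e "$2" -- "$1" | head -n 1 | grep -qF -e "$3"
}

# Loopback rules need JGREYLIST="", the catch-all rule needs JGREYLIST_DIR.
check_tcprules() {
    rules=${1:-/etc/tcprules.d/tcp.smtp}; rc=0
    rule_has "$rules" '^127\.:allow' ',JGREYLIST=""' ||
        { echo "127. rule lacks JGREYLIST" >&2; rc=1; }
    rule_has "$rules" '^::1:allow' ',JGREYLIST=""' ||
        { echo "::1 rule lacks JGREYLIST" >&2; rc=1; }
    rule_has "$rules" '^:allow' ',JGREYLIST_DIR="/var/qmail/jgreylist"' ||
        { echo "catch-all rule lacks JGREYLIST_DIR" >&2; rc=1; }
    return "$rc"
}

# The GREYLIST line in the run script must be present and uncommented.
check_run_script() {
    grep -q -e '^GREYLIST="/var/qmail/bin/jgreylist"' -- "${1:-/service/smtp/run}"
}

# Assumption: the compiled rules (TCP_CDB) are what the service actually reads.
check_cdb_fresh() {
    rules=${1:-/etc/tcprules.d/tcp.smtp}; cdb=${2:-/etc/tcprules.d/tcp.smtp.cdb}
    [ -n "$(find "$cdb" -newer "$rules" 2>/dev/null)" ]
}

# Directory ownership, read from the same `ls -ld` output shown in the steps.
check_owner() {
    dir=${1:-/var/qmail/jgreylist}; want=${2:-vpopmail:vchkpw}
    [ -d "$dir" ] || return 1
    [ "$(ls -ld "$dir" | awk '{print $3 ":" $4}')" = "$want" ]
}

verify_greylisting() {
    failed=0
    check_tcprules || failed=1
    check_run_script || { echo "GREYLIST is still commented out" >&2; failed=1; }
    check_cdb_fresh || { echo "tcp.smtp.cdb is older than tcp.smtp" >&2; failed=1; }
    check_owner || { echo "jgreylist directory is not vpopmail:vchkpw" >&2; failed=1; }
    return "$failed"
}

# Run against the live paths only when invoked with the argument "check".
if [ "${1:-}" = "check" ]; then verify_greylisting; fi
```

Run it as root with the argument ``check`` after restarting smtp; it exits non-zero and names each step that has not been applied.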