Newsroom Update

Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: NeoNet Tim
NeoNet Tim Author
User level: Level 1
0 points

Can't keep greylisting disabled on Lion Server.

If I remove the greylisting settings from /etc/postfix/main.cf, If the mail server is restarted, the greylisting entry is recreated. Is there any way around this?


I know why greylisting works, and I know it does its job well. But it's incompatible with the way we work here. Many of our emails are time-sensitive and often from new people. I also find that a lot of auto-response type emails just plain don't get past greylisting (password resets and such).

Mac mini, Mac OS X (10.7), Server 10.7

Posted on Jul 26, 2011 10:53 PM

Reply
10 replies
User profile for user: Michael Lake
Michael Lake
User level: Level 2
195 points

Aug 8, 2011 9:59 PM in response to NeoNet Tim

Yeah, I'm having the same problem. I tried issuing the command: 

sudo serveradmin settings mail:postfix:smtpd_recipient_restrictions="permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit"
, which worked until the Mail service was restarted in the Server application.


The default value for that line above, although not reported from a normal 

serveradmin settings mail
is: 
"permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/policy permit"
. The command above should remove the policy check, which is where the greylisting happens.


No idea why this isn't sticking, but it's driving me nuts.

Reply
User profile for user: fight_or_flight
fight_or_flight
User level: Level 1
10 points

Aug 14, 2011 1:38 AM in response to NeoNet Tim

I manualy replaced the line:

smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/policy permit


with


smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit


in /etc/postfix/main.cf.


Greylisting is still disabled even after a reboot

Reply
User profile for user: Michael Lake
Michael Lake
User level: Level 2
195 points

Aug 14, 2011 11:04 PM in response to gregoryfromcork

For some reason I had assumed that entering the 

serveradmin
command above would change the Server.app's behavior for what it re-wrote to the config files, but apparently this is not the case. I'll be avoiding the GUI from now on.


For what it's worth to others, note that saving changes to a non-Mail service (VPN, Web, Wiki, etc.) in Server.app or Server Admin.app does not cause a re-write of the Mail config files. If you need to manage the VPN or something else through the GUI, that's fine. Just don't play around with the Mail tab anymore or you'll have to re-greylist afterward.


Thanks, gregoryfromcork.

Reply
User profile for user: claytonfromgermantown hills
claytonfromgermantown hills
User level: Level 1
0 points

Aug 17, 2011 7:53 PM in response to fight_or_flight

How do you manually replace the line. Sorry new to MAC and looking at console and getting the same error over and over



8/17/11 9:42:44.000 PM /usr/libexec/postfix/greylist.pl:



Temporary message rejection to: <xxx@xxxxx.net> from: <notification+p1l=hcee@facebookmail.com> sent from: [69.171.232.141] for: 60 seconds due to greylisting

Reply
User profile for user: Michael Lake
Michael Lake
User level: Level 2
195 points

Aug 17, 2011 9:59 PM in response to claytonfromgermantown hills

claytonfromgermantown hills wrote:


How do you manually replace the line.


We stated it above, but here's the run-down:


  1. Edit: 
    /etc/postfix/main.cf
  2. Toward the bottom, change the line beginning with with 
    smtpd_recipient_restrictions
    to be:


    smtpd_recipient_restrictions="permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit"


    (essentially, you'll just remove the 

    check_policy_service unix:private/policy entries
    from the line).


  3. Save the file, then reload postfix:
    $ sudo postfix reload
Reply

Can't keep greylisting disabled on Lion Server.

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up