User profile for user: Paul Derby
Paul Derby Author
User level: Level 1
143 points

Postfix greylisting disable or reconfigure?

I finally gave up on getting Postfix to run on a test MacMini with Mountain Lion Server installed over a running Snow Leopard Server. I backed up the user files, erased the disk and did a clean install of Mountain Lion Server. I also took the opportunity to change my LAN domain name from xxx.local.to a domain name that I had registered but wasn't using.


With a totally vanilla install of Mountain Lion Server I'm getting lousy performance due to "greylisting". Eventually all the mail this machine receives will come from Google Business App mail which handles the MX records for a public email address.


(The server has a WAN network connection and a LAN network connection. It does not route nor is NAT enabled.)


Here is the SMTP log from the server:


Jun 9 21:44:58 red.paulderby.me postfix/postscreen[15599]: CONNECT from [209.85.223.176]:42075 to [96.231.165.212]:25

Jun 9 21:45:01 red.paulderby.me postfix/postscreen[15599]: PASS OLD [209.85.223.176]:42075

Jun 9 21:45:03 red.paulderby.me postfix/smtpd[15627]: connect from mail-ie0-f176.google.com[209.85.223.176]

Jun 9 21:45:05 red /usr/libexec/postfix/greylist.pl[15656]: Temporary message rejection to: <pderby@pderby.com> from: <paul+caf_=pderby=pderby.com@derby.us.com> sent from: [209.85.223.176] for: 60 seconds due to greylisting

Jun 9 21:45:05 red.paulderby.me postfix/smtpd[15627]: NOQUEUE: reject: RCPT from mail-ie0-f176.google.com[209.85.223.176]: 450 4.7.1 <pderby@pderby.com>: Recipient address rejected: Service is unavailable; from=<paul+caf_=pderby=pderby.com@derby.us.com> to=<pderby@pderby.com> proto=ESMTP helo=<mail-ie0-f176.google.com>

Jun 9 21:45:05 red.paulderby.me postfix/smtpd[15627]: disconnect from mail-ie0-f176.google.com[209.85.223.176]



I've located several posts from people experiencing this same "performance" problem. Over time the email does make it through the greylist throttling in an hour or two. The server is still Apple released Mountain Lion Server with minimal configuration and has no users and no job load going on. Has anyone solved this problem? Is there a parameter that is set wrong in the Apple Postfix release for determining when to greylist?


All help appreciated. I'm not sure how to troubleshoot this, so looking for some guidance on speeding up mail delivery. Greylisting does make sense in some situaitons so I hate to just disable greylisting completely.


Thanks for any help,

Posted on Jun 9, 2013 7:08 PM

Reply
3 replies
User profile for user: Paul Derby
Paul Derby Author
User level: Level 1
143 points

Jun 9, 2013 7:15 PM in response to Paul Derby

Here is the full header of the email when it finally arrives:


Return-Path: <paul+caf_=pderby=pderby.com@derby.us.com>

Delivered-To: pderby@red.paulderby.me

Received: from localhost (localhost [127.0.0.1])

by red.paulderby.me (Postfix) with ESMTP id 2B2B062E88

for <pderby@pderby.com>; Sun, 9 Jun 2013 22:10:45 -0400 (EDT)

X-Virus-Scanned: amavisd-new at pderby.com

Authentication-Results: red.paulderby.me (amavisd-new);

dkim=pass (2048-bit key) header.d=gmail.com

Received: from red.paulderby.me ([127.0.0.1])

by localhost (red.paulderby.me [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id tWQWSy4mJfRP for <pderby@pderby.com>;

Sun, 9 Jun 2013 22:10:44 -0400 (EDT)

Received: from mail-ie0-f173.google.com (mail-ie0-f173.google.com [209.85.223.173])

by red.paulderby.me (Postfix) with ESMTPS id 459C062E7B

for <pderby@pderby.com>; Sun, 9 Jun 2013 22:10:44 -0400 (EDT)

Received: by mail-ie0-f173.google.com with SMTP id k5so8554163iea.4

for <pderby@pderby.com>; Sun, 09 Jun 2013 19:10:43 -0700 (PDT)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20120113;

h=x-forwarded-to:x-forwarded-for:delivered-to:dkim-signature

:mime-version:date:message-id:subject:from:to:content-type

:x-gm-message-state;

bh=lf/jIXk+k6BAChjAvPWYYH5XBChhovyw/LsT/Dxm1m4=;

b=ihJB3NW1i37yvn1I18urVDf4j412WiwbZjFQuZJ2Sesd4pNRsOWvJ4jJ8SjhdZEFjs

i0lPnvKHNMACbUigTIxFTeb+GpffCeSHvqdeGkeI0wv1FcwWaRV2xp6OiLVMNiyWLamH

tkS0mxdmUywN5eQ1zlkmaC30KCmC8ElgX00iifxE0xIQHVoSMZLFw2uh0DqimN3UFxoe

pf/WnhY7xJltVw4yU75fFfW9dT68FqxKeKhpUA/Gxo4TbRLfdXWZpBUun41qXdnIUFsQ

UQhoysbcAcWdYjIRGAkijwJz00LtDB3OzLnkdk7BJlii6BD5romeXyO+j3iyUEP7Jxgr

G2Ng==

X-Received: by 10.42.121.211 with SMTP id k19mr3067322icr.26.1370828697931;

Sun, 09 Jun 2013 18:44:57 -0700 (PDT)

X-Forwarded-To: pderby@pderby.com

X-Forwarded-For: paul@derby.us.compderby@pderby.com

Delivered-To: paul@derby.us.com

Received: by 10.50.217.138 with SMTP id oy10csp70627igc;

Sun, 9 Jun 2013 18:44:57 -0700 (PDT)

X-Received: by 10.182.120.196 with SMTP id le4mr6351710obb.57.1370828697249;

Sun, 09 Jun 2013 18:44:57 -0700 (PDT)

Received: from mail-oa0-x230.google.com (mail-oa0-x230.google.com [2607:f8b0:4003:c02::230])

by mx.google.com with ESMTPS id l2si7354329obu.209.2013.06.09.18.44.57

for <paul@derby.us.com>

(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);

Sun, 09 Jun 2013 18:44:57 -0700 (PDT)

Received-SPF: pass (google.com: domain of tsawner@gmail.com designates 2607:f8b0:4003:c02::230 as permitted sender) client-ip=2607:f8b0:4003:c02::230;

Authentication-Results: mx.google.com;

spf=pass (google.com: domain of tsawner@gmail.com designates 2607:f8b0:4003:c02::230 as permitted sender) smtp.mail=tsawner@gmail.com;

dkim=pass header.i=@gmail.com

Received: by mail-oa0-f48.google.com with SMTP id f4so1413629oah.35

for <paul@derby.us.com>; Sun, 09 Jun 2013 18:44:57 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20120113;

h=mime-version:date:message-id:subject:from:to:content-type;

bh=lf/jIXk+k6BAChjAvPWYYH5XBChhovyw/LsT/Dxm1m4=;

b=kL9+z/a3SJRrHQnKV8z06zhFVg/vl5jEmGPPRR0NvGBMIjhGd8zmb7cxhIMOLouVdN

mPJLJqKHxvpr9Hetz4jEy+lpJH6ViaEiD86m5t3d1GKD21z6i9yVFdF3tx+qJhZ5m/mj

0CWGrj+AGhUxtnC7MFtaFOfiB8z63EZcBkDq43qkSaGeQs0GBWd/WIBm9ljoEvy5KDRB

O8OREwJ6+4Jeje+3xmOBkjiCOmCHGOFujYuFC9UU7Mt44/K8Aj5+lYpRQO0OihPsMT3v

rmza+n7Tz1zzSRSns25eR/07b96NPhW9TNuH+KrTFJ8WJF0mTzr1YPI30o//m5pA/272

/ffA==

MIME-Version: 1.0

X-Received: by 10.60.134.236 with SMTP id pn12mr6520003oeb.4.1370828696849;

Sun, 09 Jun 2013 18:44:56 -0700 (PDT)

Received: by 10.76.73.133 with HTTP; Sun, 9 Jun 2013 18:44:56 -0700 (PDT)

Date: Sun, 9 Jun 2013 21:44:56 -0400

Message-ID: <CAEdO0QRx6oumF3=KBcJ8DnWQ3v76YGR_9mk-hWBRs2OGp4rrhA@mail.gmail.com>

Subject: test2

From: TJ Sawner <tsawner@gmail.com>

To: Paul Derby <paul@derby.us.com>

Content-Type: multipart/alternative; boundary=047d7b471f6a86144b04dec2ed99

X-Gm-Message-State: ALoCoQl1RAZ4qhYB4WBPa7EKHkrdzTcAS2VkxyVAjLJU/7GpQdznaJbnE/Hz9Jn3HcWfe2XCbhya


--047d7b471f6a86144b04dec2ed99

Content-Type: text/plain; charset=ISO-8859-1


test


--047d7b471f6a86144b04dec2ed99

Content-Type: text/html; charset=ISO-8859-1


<div dir="ltr">test<br></div>


--047d7b471f6a86144b04dec2ed99--

Reply
User profile for user: MrHoffman
MrHoffman
User level: Level 10
146,221 points

Jun 10, 2013 4:31 PM in response to Paul Derby

While you're probably aware of this, greylisting is an anti-spam feature, and is intended to reject (delay) the initial few messages from a previously-unknown server with a status code that will cause a legitimate SMTP server to retry the message. Legitimate SMTP mail servers will automatically train the greylisting; once the threshold messages are met from the mail server, all subsequent message delivery requests from that mail server will bypass the greylisting.


Why? Spam engines generally don't retry the mail messages.


If you want to shut off Greylisting, here is how.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Postfix greylisting disable or reconfigure?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up