I think this will work, but will require a recompile. Edit line 75 of policyd.h from:
#define POSTFIX_GREYLIST "action=defer_if_permit Policy Rejection-" to: #define POSTFIX_GREYLIST "action=451 Policy Rejection-" I haven't tried this yet but here's why I think it'll work: The Postfix SMTP Access Policy Delegation documentation ( http://www.postfix.org/SMTPD_POLICY_README.html ) says: "The policy server replies with any action that is allowed in a Postfix SMTPD access(5) table. Example: action=defer_if_permit Service temporarily unavailable [empty line] This causes the Postfix SMTP server to reject the request with a 450 temporary error code and with text "Service temporarily unavailable", if the Postfix SMTP server finds no reason to reject the request permanently." So since any 4NN code is a valid action just like DEFER_IF_PERMIT (mapped to 450 by default) according to http://www.postfix.org/access.5.html, we should be able to replace it with 451. If someone knows better, please correct me before I try it directly on my production server :) Andy On 18/05/07, Robert A. Pickering Jr. <[EMAIL PROTECTED]> wrote: > Andy, > > Phenominal find! I've been seeing the same issues on my server and figured > it was just remotely "misconfigured" servers, but this explains it much > better. Hopefully we can figure this out. > > -Rob > > > -- > Robert A. Pickering Jr. > > "I wish developing great products was as easy as writing a check. If so, > then Microsoft would have great products." - Steve Jobs > > > > > On May 18, 2007, at 11:34 AM, Andy Lee wrote: > > I was looking for a good list of ip ranges to whitelist and came > across one maintained at PureMagic. > > Here's the current version: > http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16&view=markup > > While going over it, I read this: > > # Because error code 450 is most commonly used for a mailbox lock failure, > # many sites seem to treat it as a very short duration failure, and will > # retry several times within seconds, and then bounce the mail, while they > # handle a code 451 more "normally". > > When I checked my mail logs, sure enough, I saw various SMTP servers > try to immediately re-send a bunch of times all within 1 second of the > first 450 reject for being greylisted! These servers looked > legitimate. > > So I looked for a way to try changing the reject code from 450 to 451 > but couldn't find it. > > Ideas? Comments? > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > policyd-users mailing list > policyd-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/policyd-users > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > policyd-users mailing list > policyd-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/policyd-users > > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ policyd-users mailing list policyd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/policyd-users
