Greylisting Email with Sun Messaging Server using grossd
One of the best weapons I’ve used in the larger battle against unsolicited bulk Email, or SPAM, as it is commonly referred; is Greylisting.
Greylisting is very effective for reducing the volume of SPAM an Email server takes in by returning a temporary error during the conversation to the remote MTA, essentially saying to come back in a few minutes. While some MTA’s do not support resending, the vast majority do.
grossd takes this a bit further. While also working with the Sun Messaging Server (6.3 in my case); it only forces the temporary error for remote MTA’s that are on its set of blacklists. While it doesn’t explicitly reject the message outright, it does force the remote MTA to at least retry in order to send the message.
Configuring a (standalone) Sun Messaging Server MTA is fairly straightforward. It requires the c-ares DNS library to be compiled and installed. Then the grossd code needs to be compiled and installed. A gcc compiler other than the default installed in /usr/sfw on Solaris 10 may not be sufficient.
The summary installation instructions for c-ares.
# gunzip -c c-ares-1.4.0.tar | tar xf -
# cd c-ares-1.4.0
# ./configure –prefix=/usr/local
# make && make install
The summary installation instructions for grossd.
# gunzip -c gross-0.8.2.tar.gz | tar xf -
# cd gross-0.8.2
# ./configure –prefix=/usr/local
# make && make install
I needed to make a single change in /usr/local/etc/grossd.conf; which was to simply comment out the following line:
protocol = postfix
So that it reads:
#protocol = postfix
Once grossd is configured, it needs to be started, and probably have a startup script to automatically make it run at boot.
#!/sbin/sh
case “$1″ in
start)
[ -f /usr/local/etc/grossd.conf ] || exit 0
/usr/local/sbin/grossd -f /usr/local/etc/grossd.conf
;;
stop)
pkill grossd
;;
*)
echo “Usage: $0 { start | stop }”
exit 1
;;
esac
exit 0
I started grossd using the script:
# sh /etc/init.d/grossd start
# ps -ef | grep -i gross
root 21356 1 0 Oct 24 ? 9:00 /usr/local/sbin/grossd -f /usr/local/etc/grossd.conf
With grossd running, the Sun Messaging Server config needs to get tweaked. Edit the mappings file; adding the following section. Please be careful to have a complete newline before the beginning of the section, immediately following the section name, and following the contents of the section. There are 2 spaces leading off the TCP line, in case they are not clear.
ORIG_MAIL_ACCESS
TCP|*|*|*|*|*|*|tcp_local|*|*|* $[/usr/local/lib/grosscheck.so,grosscheck,127.0.0.1,,1111,$2,$=$8$_,$=$6$_]
After making this change, recompile the configuration, and test grossd.
# ./imsimta cnbuild
# ./imsimta chbuild
After testing; restart the messaging server;
# ./imsimta restart
To determine the number of messages that greylisting has worked on, you can grep on the mail logs for the string “452 4.4.3″
# grep -ic “452 4.4.3″ mail.log_current
29536
