Hi all, I've changed my /etc/default/postgrey with: POSTGREY_OPTS="--inet=10023 --delay=60" and restarted postgrey but still emails are getting more than 60 seconds to arrive. Any idea how I can lower down that time/check? Thanks
The sending server is free to decide when to retry the delivery of an email. So 60 seconds is not the time an email arrives, its the minimum time that the sending server must wait, so it may even wait an hour or longer to retry, if the admin of the sending system configured it like this.
Thanks Till. Does it make sense (spam wise) to lower it down to 10 seconds for example? I've got problems due to long delay some temp passwords are expiring before I get the email.
Some mail services will retry very quickly, and a lower value can allow mail to get delivered faster. I think I've seen some spam which retries immediately and would pass if < 5 seconds, so I wouldn't go below 5 or maybe 10. On the most recent server I configured I set rspamd greylist timeout to 6 seconds, fwiw. And on that note, you might consider the benefits of uninstalling postgrey entirely, then switching to rspamd and using it's greylisting feature, which activates at a score threshold, so mail which looks very unlike spam won't be greylisted, but mail which has more spam characteristics, yet not high enough to be marked as such, is delayed so that when/if it is retried, it's more likely to be on blacklists.
I should also note on this server I have postscreen in use, so a lot of spam that won't pass greylisting at all won't even hit rspamd. I don't know any stats offhand, but I think "greylist everything" used to be much more effective that it is today, with more (most?) spam coming from legit servers via compromised accounts; in that environment the purpose of greylisting is to gain a little more time for blacklists to catch up (and that's only a matter of seconds for some lists). Postscreen has no timeout (an immediate redelivery attempt will be allowed), and I use postwhite to bypass it for many large providers/mailers.
Thanks Jesse. Is this the most up to date howto about rspamd? https://www.howtoforge.com/replacing-amavisd-with-rspamd-in-ispconfig/