|-V -, --version|
|Show version information.|
|-v -, --verbose|
|-d -, --debug|
|Show usage information.|
|Dump the triplets database to stdout. Mostly for debugging purposes.|
|-b seconds,--bloc-max-idle seconds|
|How many seconds of life are given to a record that is created from a new mail ( ip, from, to) triplet. Note that the window created by this setting for passing mails is reduced by the amount set for --greylist-delay . Also see --pass-max-idle . Defaults to 18000.|
|-g seconds,--greylist-delay seconds|
|How many seconds we will block inbound mail that is from a previously unknown ( ip, from, to) triplet. If it is set to zero, incoming mail association will be learned, but no deliveries will be tempfailed. Use a setting of zero with caution, as it will learn spammers as well as legitimate senders. Defaults to 3480.|
|-h home_directory,--home home_directory|
|Location of the Berkeley DB environment home location. Defaults to /var/db/greyfix.|
|-p seconds,--pass-max-idle seconds|
How long to give to a record we are updating from an allowed (passed) email.
The default is 3110400, which should be enough to handle messages that may only be sent once a month, or on things like the first monday of the month (which sometimes means 5 weeks). Plus, we add a day for a delivery buffer.
|-r action,--reject-action action|
The reject action directive that will be used. See
for valid actions. The placeholder
expand to the number of seconds,
to the empty string if
expands to 1 or
to a single space, and
The default is "DEFER_IF_PERMIT Greylisted by greyfix 0.4.0, try again in %d second%p. See http://www.kim-minh.com/pub/greyfix/ for more information."
|-G action,--greylisted-action action|
The action that will be used the first time a triplet passes greylisting. Same
expansion as for
The default is "PREPEND X-Greyfix: Greylisted by greyfix 0.4.0 for %d second%p. See http://www.kim-minh.com/pub/greyfix/ for more information."
|-/ prefix_size,--network-prefix prefix_size|
|Only consider the first prefix_size bits of an IPv4 address. Defaults to 32, i.e., the whole address is significant.|
|-6 prefix_size,--network6-prefix prefix_size|
|Only consider the first prefix_size bits of an IPv6 address. Defaults to 128, i.e., the whole address is significant.|
Edit Postfixs master configuration file, /usr/local/etc/postfix/master.cf, and add the following:greyfix unix - n n - - spawn user=nobody argv=/usr/local/sbin/greyfix -/ 24 -6 56
Edit Postfixs main configuration file, /etc/postfix/main.cf, and add the following:smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/greyfix
If there is already an smtpd_recipient_restrictions configuration line, you should edit it rather than add a new one. The important part for Greyfix is that you should add check_policy_service unix:private/greyfix to it. Finally, have Postfix reload its configuration with postfix reload.
Greyfix logs to syslog(3) with the LOG_MAIL facility. As such, the log messages should appear along Postfixs.
greyfix was written by
.An Kim Minh Kaplan <http://www.kim-minh.com/>.