I have enabled greylisting with policyd as per the wiki entry. It's working and has succesfully reduced inbound spam.
However, I've noticed that it applies the greylisting policy to all users, whether authenticated or not, the zimbra policy in sqlite has an any|any source|destination.
This means however that users logging in via smartphones or laptops from external IPs to submit mail, although authenticated, still get delayed as per the default greylisting policy from the wiki. This is causing confusion.
Can anyone tell me how to edit the settings in postfix or policyd to bypass greylisting for autheticated external users - ie: those not in 'mynetworks'?
The policyd documentation is a bit light on this (most discussion of sasl users seems concerned with quotas module rather than greylisting module).
If I've been able to piece anything together from the link above and the (zimbra/policyd) wiki I'm guessing I have to do something along the lines of:
- create a policy at a higher priority than the zimbra default?
- add policy group that filters sasl auth users somehow?
- add policy group member that has the source|destination configured to opnly capture external sasl users?
Has anyone here sucessfully configured policyd to exclude external authenticated users from greylisting?
Thanks in advance.