The Sysadmin’s Daily Grind: Policyd



The Postfix Policyd plugin fights spam using techniques such as greylisting, source detection, volume measurements, blacklisting, and HELO rotation detection.

Charly Kühnast is a Unix System Manager at the data-center in Moers, near Germany’s famous River Rhine. His tasks include ensuring firewall security and availability and taking care of the DMZ (demilitarized zone). I’ve added many bits and bobs to my tried and trusted Postfix in the course of the years – Spamassassin and virus filters, for example. The latest member in the exclusive club of Postfix add-ons is Policyd. The Policyd tool does not use the content_filter mechanism to integrate with Postfix, in contrast to many other external tools. Instead, Policyd prefers the check_policy_service, which is available in Postfix 2.2 or newer. This gives me the ability to slot Policyd into my existing ruleset at a location that makes sense. I don’t need to send spam that has been rejected for other reasons to the policy daemon. The current release of the Policyd C program is version 1.73. You can download Policyd from [1], and installing the daemon is easy. After unpacking, just enter gmake build gmake install in the policyd directory. MySQL is also required. Policyd gives you a SQL script that automatically creates the required tables. To finish off, you need to create a cron job: