Blocking top-level domains
mailscanner at replies.cyways.com
Tue Jul 22 21:35:20 IST 2014
In Postfix you need to add these directives to main.cf:
smtpd_client_restrictions = reject_unknown_client_hostname,
smtpd_sender_restrictions = reject_unknown_sender_domain,
# block sending servers from non-US/CA locations
smtpd_helo_required = yes
smtpd_helo_restrictions = check_helo_access
I use Perl-compatible regular expressions to match things I want to
block. Thus I have pcre: prefixes in each entry. Postfix supports
other methods as well including simple string matching.
My /etc/postfix/sender_access file looks like this:
# no mail from outsiders claiming to be us
# no two-letter country-code domains except us/ca
/\.[a-z][a-z]$/ REJECT US senders only
# various blacklists
This particular client is a small healthcare provider that does not need
to receive mail from locales outside the US/CA. Blocking foreign
country-code domains cuts down a lot of spam.
On 07/22/2014 03:25 AM, Mogens Melander wrote:
> Sorry, I don't. But google gave me this:
> On Tue, July 22, 2014 04:11, Chris Barber wrote:
>> Ahh, brilliant! We are using postfix instead of sendmail, do you know what
>> the correspoding file in Postfix is for this?
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Mogens
>> Sent: Saturday, July 19, 2014 1:38 AM
>> To: mailscanner at lists.mailscanner.info
>> Subject: Re: Blocking top-level domains
>> I'm doing stuff like that in sendmail's access (/etc/mail/access) file,
>> with entries like:
>> cn.ru ERROR:"550 Reject : cn.ru - Spam source"
>> Works like a charm :)
>> On Fri, July 18, 2014 19:47, Bryan Laurila wrote:
>>> I had an interesting situation creep up on me this week where I
>>> thought that something was happening (or being processed) in
>>> MailScanner/SpamAssassin but apparently it was not.
>>> I have two mail relay scanners running MailScanner & SpamAssassin on
>>> Suse Linux. These boxes scan incoming mail for spam & viruses and
>>> then relay to my MS Exchange server. I had an influx of spam this
>>> week coming in from several top-level domains that we wouldn't
>>> normally receive any valid emails from anyway, like .eu, .in, .asia,
>>> .club, etc.
>>> Upon investigating the situation I found that the Trend Micro Scan
>>> Mail service on my Exchange server crashed which lead me to the
>>> discovery that MailScanner & SpamAssassin weren't filtering mail from
>>> these unwanted top level domains as I thought and all that work was
>>> being done by my exchange server.
>>> So, the question of the day is... Where is the best place to turn on
>>> filtering or set a rule somehow to filter unwanted top-level domains
>>> at the MailScanner/SpamAssassin servers?
>>> Like all things in IT there are probably multiple ways of doing this
>>> so I am curious as to what others are doing. All thoughts & comments
>>> are welcome.
>>> Bryan S. Laurila
>>> Senior Network Support Analyst
>>> Dickinson County Healthcare System
>>> 1721 South Stephenson Avenue
>>> Iron Mountain, Michigan 49801
More information about the MailScanner