> Nov 15 12:33:58 goose postfix/smtpd[7613]: NOQUEUE: reject: RCPT from > unknown[60.178.154.107]: 450 4.1.1 < > 1068617380.19938.18.ca...@goose.robinson-west.com>: Recipient address > rejected: unverified address: unknown user: > "1068617380.19938.18.camel"; from=<1362248...@qq.com> to=< > 1068617380.19938.18.ca...@goose.robinson-west.com> proto=SMTP > helo=<lnwomen.org>
Looking at the above log excerpt you can see that there was an attempt to send me an email to a bogus user name. Is there a slick way to dynamically catch 60.178.154.107 and block for say an hour? Maybe I should wait till three similar messages from the same IP are logged. Another problem, I don't want to accept email to <someone>@goose.robinson-west.com, only to <someone>@robinson-west.com. If I don't add $myhostname to $mydestination, I will get mail loops back to myself messages in the future. Do I need to write a perl script to catch the above in the maillog and dynamically update a text file of ip addresses that should be blocked? temp_blacklist: 60.178.154.107 REJECT ... Did I get the syntax right for the text file I need to generate? Should smtpd_sender_restrictions in main.cf be defined as follows: smtpd_sender_restrictions= permit_mynetworks, check_sender_access hash:/etc/postfix/temp_blacklist, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain, warn_if_reject reject_unverified_sender _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug