On Thursday 30 July 2009 09:31:13 Rodman Frowert wrote: > I am getting quite a bit of SPAM coming from Hotmail. Instead of using > verify to check and see if they are legit senders, I think I would rather > just block them and be done with it. Maybe after a few months of my server > not responding to Spammer garbage, I will be removed from their SPAM lists > and I could then remove the block.
Don't hold your breath. Spammers have no need to clean up their lists. > What would be the appropriate command to simply reject this domain? "Simply" is not applicable in this context. You haven't phrased the question in such a way that there could be a simple Postfix answer. See http://www.postfix.org/SMTPD_ACCESS_README.html and access.5.html and decide how you're going to identify that mail. I think Hotmail and MSN send from *.hotmail.com. hosts, so you could use that in a check_client_access lookup. Since that relies on reverse DNS, you should also consider reject_unknown_reverse_client_hostname, which rejects hosts with no PTR (pretty safe), and will defer any hosts if your own nameserver fails for some reason. Generally I would not recommend using check_sender_access, because the sender address can be and usually is false. However in this case, you wouldn't be doing any more damage than you already are, and this would prevent the occasional reverse DNS failure from slipping through. That is your simplest answer. Of course, all of these "simple" answers require a good understanding of smtpd_*_restrictions. And for the record, I looked at the LQ link that Serge found in Google, and it's not correct. Those who use Google before reading the Postfix documentation are often disappointed. In your case, you tried, but you didn't know the right keywords. You'll have better results next time by browsing the documentation.html page, looking at the various README names. BTW all of the HTML documentation is (or should be!) in your own local $(postconf -h html_directory). Use of your local copy is best for several reasons, chief among those being that it is specific to and up-to-date for your own Postfix version. You won't have to watch for those little version-specific notes. One last comment I'll add: I agree with Steve in that you will find this tactic to be an overall ineffective measure against spam. You *will* block some spam with this ... Hotmail leaks badly having been targeted for abuse by 419 scammers in particular. -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header
