1: REJECT tells the spammer "Hey, your spam got stuck in the spam filter. Wanna try again?". Better to DISCARD it so the spammer think they got the spam through, then they won't switch to a new domain.
I don't think anyone ever will receive legitimate mail from any of those spammy TLDs listed in the rules file I gave. 2: Its just a habit, everytime some process complains of not able to access a file, "666" is the universal solution. Of course, this isn't recommended in a web hosting setup, but if you're hosting for example a mail server for a company, and only you as a sysadmin has shell access to the server, its no danger 666'ing files that throw permission errors. Then the file isn't really "world writable", since only you have a account on the server anyways. -----Ursprungligt meddelande----- Från: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] För A. Schulze Skickat: den 19 februari 2016 23:52 Till: postfix-users@postfix.org Ämne: Re: SV: Blocking TLDs Sebastian Nielsen: > Then paste all the DISCARD lines into a new file called > /etc/postfix/banned_tlds (and also add some own TLDs there, its just > to copy paste one line and then change the TLD), and also remove lines > for TLDs you don’t want to block. > > Chmod the banned_tlds file to 666 to ensure the postfix process can read it. two annotations: - I would not suggest DISCARD but REJECT - mode 666 (world writable) is generally not needed. 644 is enough Andreas > > > > > Then do “service postfix restart” > > Then you should be all set. > > > > Test the permission by sending a email using a spoofed address in your > email software, to yourself. The mail will always be successfully sent, but: > > If all goes well, you should see in the logs that “DISCARD” action was > triggered, which means the mail will be tossed in the dustbin without > delivering it to you. > > Remember to return your email client to non-spoofed state after that, > for obvious reasons. > > > > Från: Wolfe, Robert [mailto:robert.wo...@robertwolfe.org] > Skickat: den 19 februari 2016 23:19 > Till: 'Sebastian Nielsen' <sebast...@sebbe.eu>; > postfix-users@postfix.org > Ämne: RE: Blocking TLDs > > > > Just copy and passed the DISCARD contents into banned_tlds? > > > > From: owner-postfix-us...@postfix.org > <mailto:owner-postfix-us...@postfix.org> > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Sebastian > Nielsen > Sent: Friday, February 19, 2016 3:50 PM > To: postfix-users@postfix.org <mailto:postfix-users@postfix.org> > Subject: SV: Blocking TLDs > > > > smtpd_sender_restrictions = check_sender_access > pcre:/etc/postfix/banned_tlds > > > > banned_tlds: > > /\.bid$/ DISCARD > > /\.top$/ DISCARD > > /\.xyz$/ DISCARD > > /\.date$/ DISCARD > > /\.faith$/ DISCARD > > /\.download$/ DISCARD > > > > > > Problem solved. > > > > > > Från: owner-postfix-us...@postfix.org > <mailto:owner-postfix-us...@postfix.org> > [mailto:owner-postfix-us...@postfix.org] För Wolfe, Robert > Skickat: den 19 februari 2016 22:36 > Till: postfix-users@postfix.org <mailto:postfix-users@postfix.org> > Ämne: Blocking TLDs > > > > Greetings all! > > > > This is actually my first posting to the mailing list, but have > actually been following along on a regular basis and have learned > quite a bit of good things (and bad things *smiles*) about Postfix. > Unfortunately, I have one question that I am hoping someone here on the > mailing list can answer. > > > > I get a LOT of emails from domains that have *.download and *.xyz and > their TLDs and I was wondering if there was a way in Postfix that I > could block emails that are coming in from these (and other) TLDs at > the connection level?
smime.p7s
Description: S/MIME Cryptographic Signature
