Re: block all mail from mta's with a FQDN match?

Mon, 28 Mar 2016 17:11:24 -0700 

On Mon, Mar 28, 2016 at 07:25:43PM -0400, Viktor Dukhovni wrote:
> 
> > On Mar 28, 2016, at 5:53 PM, jaso...@mail-central.com wrote:
> > 
> > How would I match/block access to mail sent from MTAs that have FQDNs that 
> > start with
> > 
> >    mta-wk-*
> > 
> > it's not a header, it's not content, it's not an IP ...
> > 
> > but, it's clearly logged in my postfix logs
> > 
> >     postfix.log:Mar 24 13:00:42 mail2 postfix/int01/smtpd[20932]: connect 
> > from mta-wk-1.mk1.ratineer.com[82.196.0.148]
> 
> mta-wk-1.mk1.ratineer.com has address 82.196.0.148
> mta-wk-1.mk2.ratineer.com has address 198.199.127.53
> mta-wk-1.mk3.ratineer.com has address 198.211.125.202
> mta-wk-2.mk1.ratineer.com has address 82.196.2.106
> mta-wk-2.mk2.ratineer.com has address 82.196.0.108
> mta-wk-2.mk3.ratineer.com has address 198.211.126.47
> mta-wk-3.mk1.ratineer.com has address 82.196.2.62
> mta-wk-3.mk2.ratineer.com has address 37.139.10.126
> mta-wk-3.mk3.ratineer.com has address 198.211.119.74
> mta-wk-4.mk1.ratineer.com has address 82.196.7.244
> mta-wk-4.mk2.ratineer.com has address 82.196.0.161
> mta-wk-4.mk3.ratineer.com has address 82.196.1.172
> mta-wk-5.mk1.ratineer.com has address 82.196.7.81
> mta-wk-5.mk2.ratineer.com has address 37.139.12.112
> mta-wk-5.mk3.ratineer.com has address 82.196.9.12
> mta-wk-6.mk1.ratineer.com has address 37.139.2.211
> mta-wk-6.mk2.ratineer.com has address 198.211.125.249
> mta-wk-6.mk3.ratineer.com has address 82.196.0.113
> mta-wk-7.mk1.ratineer.com has address 37.139.3.68
> mta-wk-7.mk2.ratineer.com has address 198.211.126.201
> mta-wk-7.mk3.ratineer.com has address 82.196.0.124
> 
> ratineer.com.           600     IN      NS      kilmer-dns2.synapp.io
> 
> main.cf:
>     smtpd_client_restrictions =
>       check_ns_access pcre:${config_directory}/ns-access.pcre
> 
>     smtpd_restriction_classes = no_mta_wk
> 
>     no-mta-wk =
>       reject_unknown_client,
>       check_client_access pcre:${config_directory}/no-mta-wk.pcre
> 
> ns-access.pcre:
>     /\.synapp\.io$/   no_mta_wk
> 
> no-mta-wk.pcre:
>     /^mta-wk-\d/      REJECT -Your reject message here-
> 
> -- 
>       Viktor.


Then block on the following

82.196.0.0/16

37.139.0.0/16

198.211.0.0/16

198.199.127.0/24

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
Manitoba and Saskatchewan! Save your provinces in April! Vote Liberal!!

Reply via email to