Re: How to block mail coming from a domain

2019-09-26 Thread Wesley Peng




on 2019/9/26 16:34, Enrico Morelli wrote:

> I tried to put .monster or *.monster in sender_access but doesn't work.
> Is there a way to block *.monster mails?


Can you set up spamassassin for domain blacklist?

regards.


Re: How to block mail coming from a domain

2019-09-26 Thread Enrico Morelli
On Thu, 26 Sep 2019 16:37:14 +0800
Wesley Peng  wrote:

> on 2019/9/26 16:34, Enrico Morelli wrote:
> > I tried to put .monster or *.monster in sender_access but doesn't
> > work. Is there a way to block *.monster mails?  
> 
> Can you setup spamassassin for domain blacklist?
> 
> regards.

How can I do that?

-- 
---
  Enrico Morelli
  System Administrator | Programmer | Web Developer

  CERM - Polo Scientifico
  via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY



Re: How to block mail coming from a domain

2019-09-26 Thread Wesley Peng




on 2019/9/26 16:42, Enrico Morelli wrote:

> > Can you setup spamassassin for domain blacklist?
> >
> > regards.
>
> How can do that?


The SpamAssassin whitelist and blacklist options can include globs, not 
regular expressions. The valid metacharacters are ? and * to match 0-1 
or 0-many characters respectively. This is the same as a shell glob.


To blacklist mail from foo.com and *.foo.com the following should work:

blacklist_from *@foo.com
blacklist_from *.foo.com

Don't be tempted to blacklist *foo.com, lest you inadvertently block 
some...@totally-legit-foo.com.


Regards.


Re: How to block mail coming from a domain

2019-09-26 Thread Enrico Morelli
On Thu, 26 Sep 2019 10:42:46 +0200
Enrico Morelli  wrote:

> On Thu, 26 Sep 2019 16:37:14 +0800
> Wesley Peng  wrote:
> 
> > on 2019/9/26 16:34, Enrico Morelli wrote:  
> > > I tried to put .monster or *.monster in sender_access but doesn't
> > > work. Is there a way to block *.monster mails?
> > 
> > Can you setup spamassassin for domain blacklist?
> > 
> > regards.  
> 
> How can do that?
> 

In /etc/spamassassin/local.cf I put:

blacklist_from *.monster

Is it correct?

-- 
---
  Enrico Morelli
  System Administrator | Programmer | Web Developer

  CERM - Polo Scientifico
  via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY



Re: How to block mail coming from a domain

2019-09-26 Thread Dominic Raferd
On Thu, 26 Sep 2019 at 10:52, Henrik K  wrote:
>
> On Thu, Sep 26, 2019 at 11:44:11AM +0200, Matus UHLAR - fantomas wrote:
> > On 26.09.19 10:34, Enrico Morelli wrote:
> > >in this days my mail server receiving a lot of mail coming from a
> > >domain ending with .monster...
>
> Obviously these will only work for envelope sender.  Most likely needing
> header_checks /^From:.*\.monster/ here..
>
Of course this assumes pcre (or maybe regex) file. To ensure it picks
up only email addresses in From header (and not text), then, using
pcre file for header_checks:

if /^From:/
/\.monster>?\s*$/ REJECT
# add other From header checks here...
endif
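
The two header_checks patterns quoted in this message, compared on constructed From: lines. This is an added example, not part of the original post; Python's re module stands in for Postfix's PCRE table matching, and the function names and sample headers are hypothetical.

```python
import re

# Postfix pcre tables are case-insensitive by default. Python's re stands in
# for PCRE here; these particular patterns behave the same in both engines.
BROAD = re.compile(r"^From:.*\.monster", re.I)   # pattern quoted from Henrik K
GUARD = re.compile(r"^From:", re.I)              # the "if /^From:/" line
NARROW = re.compile(r"\.monster>?\s*$", re.I)    # rule inside if ... endif

def broad_rejects(header: str) -> bool:
    return BROAD.search(header) is not None

def narrow_rejects(header: str) -> bool:
    # if/endif: the inner rule is tried only on lines that match the guard.
    return bool(GUARD.search(header)) and bool(NARROW.search(header))

# Constructed sample header lines (not taken from real mail).
SAMPLES = [
    "From: Promo <deal@shop.monster>",
    "From: deal@shop.monster",
    'From: "jobs.monster.com" <hr@example.com>',
    "From: Cookie <cookie.monster@example.org>",
    "From: deal@shop.monster (Promo)",
    "Subject: welcome to shop.monster",
]

def compare(samples=SAMPLES):
    """Return {header: (broad_rejects, narrow_rejects)}."""
    return {h: (broad_rejects(h), narrow_rejects(h)) for h in samples}

if __name__ == "__main__":
    for header, (broad, narrow) in compare().items():
        print(f"broad={broad!s:5} narrow={narrow!s:5} {header}")
```

The broad pattern also rejects legitimate senders whose display name or local part contains ".monster", while the narrow one does not match an address followed by a trailing comment.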


Re: How to block mail coming from a domain

2019-09-26 Thread LuKreme
On Sep 26, 2019, at 03:51, Henrik K  wrote:
> Obviously these will only work for envelope sender.  Most likely needing
> header_checks /^From:.*\.monster/ here..

Yep. I use header checks to block most top level domains, letting only a dozen 
or so through and rejecting all the rest since it is impossible to keep up with 
all the new tlds and most of them are cesspits of spammer scum.


Or wretched hives of villainy, if you prefer.




Re: How to block mail coming from a domain

2019-09-26 Thread Dominic Raferd
On Thu, 26 Sep 2019 at 11:24, Enrico Morelli  wrote:
> I've search in my Debian 10 packages but there isn't postscreen.
> Is it in bundle with new postfix version? In Debian 10 I've postfix
> 3.4.5

Yes it is a standard part of postfix - try 'man postscreen'


Re: How to block mail coming from a domain

2019-09-26 Thread Enrico Morelli
On Thu, 26 Sep 2019 11:29:38 +0100
Dominic Raferd  wrote:

> On Thu, 26 Sep 2019 at 11:24, Enrico Morelli 
> wrote:
> > I've search in my Debian 10 packages but there isn't postscreen.
> > Is it in bundle with new postfix version? In Debian 10 I've postfix
> > 3.4.5  
> 
> Yes it is a standard part of postfix - try 'man postscreen'

Good. In the master.cf I've 

smtp  inet  n   -   y   -   -   smtpd
#smtp  inet  n   -   y   -   1   postscreen

to enable postscreen have I to uncomment the second line and comment
the first one?

-- 
---
  Enrico Morelli
  System Administrator | Programmer | Web Developer

  CERM - Polo Scientifico
  via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY



Re: How to block mail coming from a domain

2019-09-26 Thread Matus UHLAR - fantomas

On Thu, 26 Sep 2019 at 11:24, Enrico Morelli 
wrote:
> I've search in my Debian 10 packages but there isn't postscreen.
> Is it in bundle with new postfix version? In Debian 10 I've postfix
> 3.4.5



On Thu, 26 Sep 2019 11:29:38 +0100
Dominic Raferd  wrote:

> Yes it is a standard part of postfix - try 'man postscreen'


On 26.09.19 12:48, Enrico Morelli wrote:

> Good. In the master.cf I've
>
> smtp  inet  n   -   y   -   -   smtpd
> #smtp  inet  n   -   y   -   1   postscreen
>
> to enable postscreen have I to uncomment the second line and comment
> the first one?


you should follow the document
http://www.postfix.org/POSTSCREEN_README.html

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !


Re: How to block mail coming from a domain

2019-09-26 Thread Vu Ngoc VU

Date: Thu, 26 Sep 2019 12:22:33
From: Enrico Morelli 
To: postfix-users@postfix.org
Subject: Re: How to block mail coming from a domain
> I've search in my Debian 10 packages but there isn't postscreen.
> Is it in bundle with new postfix version? In Debian 10 I've postfix
> 3.4.5


Hello, as written in the POSTSCREEN README, it's in postfix since 2.8


Re: How to block mail coming from a domain

2019-09-26 Thread @lbutlr
On Sep 26, 2019, at 4:01 AM, Dominic Raferd  wrote:
> Of course this assumes pcre (or maybe regex) file. To ensure it picks
> up only email addresses in From header (and not text), then, using
> pcre file for header_checks:

No, you do the checks for the helo, not the From: header.

The idea is to drop the connection as soon as possible, as cheaply as possible.

 check_helo_access pcre:/etc/postfix/helo_checks.pcre

# Specific domain exceptions
/goodserver\.fm$/ DUNNO
/\.goodserver\.fm$/ DUNNO
/allowed\.social$/ DUNNO
/\.allowed\.social$/ DUNNO
/bad\.com/ 550 Mail from bad.com not wanted
/\.bad\.com/ 550 Mail from bad.com not wanted

#general
/.*\.(com|net|org|edu|gov|ca|mx|de|dk|fr|fi|uk|us|tv|info|biz|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ DUNNO
/.*\.*$/ 550 Mail to or from this TLD is not allowed

Of course, the list of domains to accept mail from is up to you, but these work 
for me. I am considering adding .fm to my allowed list as I haven’t seen much 
spam from it for quite a while.



-- 
Footnote on the High Energy Magic building: It was here that the thaum,
hitherto believed to be the smallest possible particle of magic, was
successfully demonstrated to be made up of resons (lit: 'Thing-ies) or
reality fragments. Currently research indicates that each reson is
itself made up of a combination of at least five 'flavours', known as
'up', 'down', 'sideways', 'sex appeal' and 'peppermint’.



Re: How to block mail coming from a domain

2019-09-26 Thread li...@lazygranch.com



On Thu, 26 Sep 2019 10:46:27 +0200
Enrico Morelli  wrote:

> On Thu, 26 Sep 2019 10:42:46 +0200
> Enrico Morelli  wrote:
> 
> > On Thu, 26 Sep 2019 16:37:14 +0800
> > Wesley Peng  wrote:
> > 
> > > on 2019/9/26 16:34, Enrico Morelli wrote:  
> > > > I tried to put .monster or *.monster in sender_access but
> > > > doesn't work. Is there a way to block *.monster mails?
> > > 
> > > Can you setup spamassassin for domain blacklist?
> > > 
> > > regards.  
> > 
> > How can do that?
> > 
> 
> In /etc/spamassassin/local.cf I putted:
> 
> blacklist_from *.monster
> 
> Is it correct?
> 

I have been doing the following. 

In the main.cf, note the spamsources:

smtpd_client_restrictions =
  permit_sasl_authenticated,
  permit_mynetworks,
  reject_unauth_destination,
  check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre,
  reject_unknown_reverse_client_hostname,
  check_client_access hash:/etc/postfix/spamsources
smtpd_sender_restrictions =
  permit_sasl_authenticated,
  permit_mynetworks,
  reject_unauth_destination,
  reject_unknown_address,
  check_sender_access hash:/etc/postfix/spamsources

I have a file called spamsources. The basic pattern is a tld, 500, and
a friendly message:

--
stream 500 your message
download 500 your message
top 500 your message
xyz 500 your message
---

You need to postmap the file to make spamsources.db

These goofy tlds are cheap to buy, hence a spam source.
http://data.iana.org/TLD/tlds-alpha-by-domain.txt
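
Which keys an indexed (hash:) access table is asked for when check_sender_access looks up an envelope sender, following the lookup order documented in access(5). This is an added example, not code from the thread or from Postfix: the function names are hypothetical, address extensions are left out, and the parent_matches_subdomains flag stands for whether smtpd_access_maps is listed in parent_domain_matches_subdomains (it is by default).

```python
def lookup_keys(sender, parent_matches_subdomains=True):
    """Keys tried for an envelope sender, in order (address extensions omitted)."""
    sender = sender.lower()
    local, _, domain = sender.rpartition("@")
    labels = domain.split(".")
    keys = [sender, domain]
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:])
        # With smtpd_access_maps in parent_domain_matches_subdomains, parents are
        # looked up bare ("monster"); otherwise with a leading dot (".monster").
        keys.append(parent if parent_matches_subdomains else "." + parent)
    keys.append(local + "@")
    return keys

def check_sender(table, sender, parent_matches_subdomains=True):
    """Return the right-hand side of the first key present, else None."""
    for key in lookup_keys(sender, parent_matches_subdomains):
        if key in table:
            return table[key]
    return None

# Constructed tables: keys are literal strings, an indexed map does no globbing.
BARE_TLD = {"monster": "500 your message"}
DOTTED = {".monster": "REJECT"}
GLOB = {"*.monster": "REJECT"}
SENDER = "promo@mail.shop.monster"   # constructed envelope sender

if __name__ == "__main__":
    print(lookup_keys(SENDER))
    for name, table in [("monster", BARE_TLD), (".monster", DOTTED), ("*.monster", GLOB)]:
        print(name, "->", check_sender(table, SENDER),
              "| without subdomain matching:", check_sender(table, SENDER, False))
```

The model covers the envelope sender only; a From: header naming the same domain is never consulted by check_sender_access.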