0

Can anyone please tell me how to reject all domains with a particular name, but regardless of the TLD? I want to block all mail coming from domains named bulksender, like bulksender.com, bulksender.org, bulksender.biz, bulksender.vn etc.

I have a postmap file client_checks.postmap which i have included in main.cf like this:

check_client_access hash:/etc/postfix/client_checks.postmap

In that file I´ve tried:

bulksender. REJECT 550 5.1.0 Go away!

But it did not work.

Is there something like *@bulksender.* which would block all domains named bulksender, regardless which TLD Ending they have?

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
Stonegate
  • 11
  • 4

1 Answers1

1

Postfix with PCRE support allows regular expressions on sender address verification.

smtpd_recipient_restrictions = check_sender_access pcre:/etc/postfix/sender_access

I've used it to block entire TLDs

/\.icu$/ 554 https://blocked.icu/

but it should fit your requirements, too:

/@bulksender\./ 554 Go away!

/\100bulksender\./ 554 Go away!

To include all subdomains of these domains:

/@.*\.?bulksender\./ 554 Go away!

Notice that check_sender_access makes this a sender restriction, but I intentionally use it in smtpd_recipient_restrictions making it fire only after a full set of HELO, MAIL FROM and RCPT TO commands. This way the logs won't be lacking information on the recipients, in case something goes wrong.

The check_client_access doesn't check email addresses, but the client connecting to your SMTP server:

check_sender_access type:table

Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action.

check_client_access type:table

Search the specified access database for the client hostname, parent domains, client IP address, or networks obtained by stripping least significant octets. See the access(5) manual page for details.

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
  • Hi and thank you for your help! This looks good indeed. However i tried various regex pcre testers online and all said that this is not matching: /@bulksender./ 554 Go away! /\100bulksender./ 554 Go away! Are you sure these block *@*.bulksender.* ? Daniel – Stonegate Aug 20 '19 at 08:51
  • Hi Esa - naw.. i want to block all bulksender.* Domains. The sender registers lets say .COM, .ORG, .INFO Domains and i want to block all of them. So i want to block *@bulksender.* OR even *@*.bulksender.* (because they sometimes have a mailserver prefix like sender@mailserver1234.bulksender.com and sender@anotherserver.bulksender.nl (these are only examples of course) – Stonegate Aug 20 '19 at 09:44
  • That's not what you originally asked, but then `/@.*\.?example\./` should do it without matching the `example` in username part i.e. before the `@`. – Esa Jokinen Aug 20 '19 at 09:52
  • Hi Esa. Thanks for the help. This worked. KR - Daniel – Stonegate Aug 21 '19 at 12:08