On Wed, 21 Oct 2020 at 01:57, Alex <[email protected]> wrote: > I have a fedora32 server system with amavisd and postfix installed and > would like to block all email from China and a number of other > countries. It doesn't look like there's an easy way to do this. > > Perhaps a better approach would be to block all email and only allow > connections from US servers (even though foreign email could be routed > through a US server first)? > > Would the GeoIP stuff be helpful in amavisd? Perhaps we can block by ASN? > > I'm also using spamassassin and could write rules to block email based > on the TLD, like .cn etc. > > Perhaps we could create a policy bank or domain map with a list of the > different countries? Maybe a sender map that can block on a > per-recipient basis? > > I've done quite a bit of searching and most of what I see is from > decades ago to links that no longer exist.
I have code to set up GeoIP2 for use in SA (not GeoIP which is deprecated), but for Ubuntu i.e.using apt and Maxmind's Launchpad repository. GeoIP2 works pretty well, it can geolocate most IPs. I use it to raise the SA/amavis score for mails from 'suspect' countries. Alternatively I vaguely recall a discussion either here or on the SA list about RBLs that offer responses allowing filtering by geolocation, you might be able to find it by googling or someone here may remember better.
