21.10.2020 10:06, Dominic Raferd пишет:
On Wed, 21 Oct 2020 at 01:57, Alex <[email protected]> wrote:
I have a fedora32 server system with amavisd and postfix installed and
would like to block all email from China and a number of other
countries. It doesn't look like there's an easy way to do this.
Perhaps a better approach would be to block all email and only allow
connections from US servers (even though foreign email could be routed
through a US server first)?
Would the GeoIP stuff be helpful in amavisd? Perhaps we can block by ASN?
I'm also using spamassassin and could write rules to block email based
on the TLD, like .cn etc.
Perhaps we could create a policy bank or domain map with a list of the
different countries? Maybe a sender map that can block on a
per-recipient basis?
I've done quite a bit of searching and most of what I see is from
decades ago to links that no longer exist.
I have code to set up GeoIP2 for use in SA (not GeoIP which is
deprecated), but for Ubuntu i.e.using apt and Maxmind's Launchpad
repository. GeoIP2 works pretty well, it can geolocate most IPs. I use
it to raise the SA/amavis score for mails from 'suspect' countries.
Alternatively I vaguely recall a discussion either here or on the SA
list about RBLs that offer responses allowing filtering by
geolocation, you might be able to find it by googling or someone here
may remember better.
iptables can do this filtering using
GeoIP2 , imho, this is best way to filter mail from China ;-)
