(I previously posted this request for help on ServerFault but got no responses, 
so I'm hoping the official Postfix mailing list will go better.)

I have an Ubuntu 22.04 cloud VM with Postfix 3.6.4-1ubuntu1.3 installed that I 
largely use for receiving e-mails sent to addresses at my personal domain that 
I provide when signing up for less-important website accounts.  In the past few 
months, one of these addresses has been receiving too many unsolicited e-mails 
from the same domain that are managing to get through the server's basic spam 
defenses.  I would like to block these e-mails at the Postfix level, and I 
thought I set things up properly, but the e-mails are still coming through.

The "From" addresses for the spam e-mails all share the same domain — here 
"stupidspammers.example" — and they are all sent (per both the "Received:" 
headers and the mail logs) from a subdomain of "spamgateway.nil".

I tried to block the e-mails as follows:

1. I created /etc/postfix/access with the following contents:

    stupidspammers.example REJECT

2. I ran `sudo postmap hash:/etc/postfix/access`

3. I added the line "smtpd_sender_restrictions = check_sender_access 
hash:/etc/postfix/access" to /etc/postfix/main.cf

4. I restarted Postfix with `sudo systemctl restart postfix`

When this setup proved insufficient, I changed the contents of 
/etc/postfix/access to "spamgateway.nil REJECT" and repeated steps 2 & 4.  The 
e-mails still kept coming through, so I tried adding the line ".spamgateway.nil 
REJECT" (with a leading period), but that didn't help either.  I can't figure 
out what I'm doing wrong.

For the record, my /etc/postfix/main.cf (with some details removed) is:

### BEGIN main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
notify_classes = bounce, 2bounce, data, delay, resource, software
# Do NOT include 'protocol' in 'notify_classes' unless you want to be flooded
# with notifications from easily-defeated script-kiddie break-in attempts.
# Also, don't include 'policy' unless you want to be notified possibly
# multiple times whenever greylisting delays something.
readme_directory = /usr/share/doc/postfix
html_directory = /usr/share/doc/postfix/html

# appending .domain is the MUA's job.
append_dot_mydomain = no

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_tls_cert_file = REDACTED
smtpd_tls_key_file = REDACTED
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_security_level = may
smtp_tls_protocols = !SSLv2, !SSLv3

smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               # Postgrey:
                               check_policy_service inet:127.0.0.1:10023
smtpd_relay_restrictions =
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access
postscreen_access_list = permit_mynetworks,
                         # Postwhite:
                         cidr:/etc/postfix/postscreen_spf_whitelist.cidr,

myhostname = REDACTED
myorigin = REDACTED
mydomain = REDACTED
mydestination =
        REDACTED,
        localhost,
    localhost.$mydomain,
    localhost.localdomain
mynetworks_style = host
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
relayhost =
inet_interfaces = all
inet_protocols = all

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
local_recipient_maps =
luser_relay = REDACTED
mailbox_command = procmail -a "$EXTENSION" ORIGINAL_RECIPIENT="$ORIGINAL_RECIPIENT"
mailbox_size_limit = 0
recipient_delimiter = +

# DKIM:
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301

### END main.cf

-- John Wodder
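
Added example (not part of the original post, and not Postfix's own code): a small Python model of the access(5) lookup keys, showing that check_sender_access is keyed on the envelope sender (MAIL FROM) while the connecting client's hostname is what check_client_access looks up. The host label "out7", the envelope sender domain "bounce.mailer.test" and the local parts are constructed for illustration.

```python
# Model of Postfix access(5) lookup keys (added illustration, not Postfix source).
# Assumes the default parent_domain_matches_subdomains, which lists
# smtpd_access_maps, so a bare "domain.tld" key also matches subdomains.
# Address-extension stripping and IP/network keys are not modeled.

def domain_keys(domain):
    """The domain itself, then each parent domain, most specific first."""
    labels = domain.lower().split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def sender_keys(mail_from):
    """Keys tried by check_sender_access for an envelope sender (MAIL FROM)."""
    local, _, domain = mail_from.lower().rpartition("@")
    return [f"{local}@{domain}"] + domain_keys(domain) + [f"{local}@"]

def client_keys(client_hostname):
    """Hostname keys tried by check_client_access."""
    return domain_keys(client_hostname)

def lookup(table, keys):
    """Return the action of the first key present in the table, else None."""
    for key in keys:
        if key in table:
            return table[key]
    return None

def evaluate(table, message):
    """What each restriction would decide for one SMTP transaction."""
    return {
        "check_sender_access": lookup(table, sender_keys(message["mail_from"])),
        "check_client_access": lookup(table, client_keys(message["client"])),
    }

# Constructed transaction. The From: header domain and the client's parent
# domain are the ones named in the post; everything else is an assumption.
MESSAGE = {
    "client": "out7.spamgateway.nil",               # "out7" is constructed
    "mail_from": "bounce-123@bounce.mailer.test",   # constructed envelope sender
    "header_from": "news@stupidspammers.example",   # never consulted above
}

if __name__ == "__main__":
    for table in ({"stupidspammers.example": "REJECT"},
                  {"spamgateway.nil": "REJECT"}):
        print(table, evaluate(table, MESSAGE))
```

Against a real table, `postmap -q KEY hash:/etc/postfix/access` with each key reproduces the same lookups. The client hostname is the name Postfix logs for the connection, which is "unknown" when the reverse DNS name does not verify.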