On 16.08.24 10:45, Wesley via Postfix-users wrote:
Today one of our users got a lot of messages (100k at least) from three sender domains. I doubt they were DoS to the recepient.The logs seem like (after rejection was setup): Aug 16 18:37:10 mx postfix/smtpd[40673]: NOQUEUE: reject: RCPT from ba-bja.cloudflare-email.net[104.30.10.190]: 554 5.7.1 <cfbounces+ndrd...@targitt.com>: Sender address rejected: Access denied; from=<cfbounces+ndrd...@targitt.com> to=<*@*.com> proto=ESMTP helo=<ba-bja.cloudflare-email.net> All those messages are forwarded by cloudflare via their Email Routing function. I can't reject CF's ip addresses certainly. But thanks to postfix, I can reject the specified domains like this kind of configuration: smtpd_sender_restrictions = inline:{ { example.com = reject } { other.example = reject} } This works perfect for me. BTW, as the sample above, does it reject sub.example.com domain as well?
only if your parent_domain_matches_subdomains contains "smtpd_access_maps". I recommend you not putting it there and if you need it, use ".example.com" instead.
http://www.postfix.org/postconf.5.html#parent_domain_matches_subdomains -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam = (S)tupid (P)eople's (A)dvertising (M)ethod _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
