So if I build a one line /etc/postfix/access with .xyz REJECT and use smtpd_sender_restrictions=check_sender_access
That seems from the documentation like it would reject all email from .XYZ. Is this a reasonable approach? -----Original Message----- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Viktor Dukhovni Sent: Monday, November 16, 2015 22:55 To: postfix-users@postfix.org Subject: Re: rejecting email from specific domains On Mon, Nov 16, 2015 at 10:38:07PM -0600, Chris Boylan wrote: > I think I'd like to key off the from information and block anything, for > example, that self-identifies as being from a sender in .xyz domain. The ".xyz" domain is a real TLD, for a generic example use ".example" or "example.com", ... > Would appreciate being pointed in the right direction as I'm just drawing a > blank. http://www.postfix.org/SMTPD_ACCESS_README.html#lists http://www.postfix.org/access.5.html http://www.postfix.org/BUILTIN_FILTER_README.html Envelope senders are blocked with: http://www.postfix.org/postconf.5.html#check_sender_access Header senders can be blocked with header_checks(5), but this does not always give good results, because regular expressions in headers don't really parse the header particularly well and are difficult to craft. I don't recommend header_checks(5) for blocking by header sender address. If you can find a "Sieve" milter, it will make it much easier to construct rules on header addresses. -- Viktor.
