Am 17. November 2015 06:31:23 MEZ, schrieb Chris Boylan <boy...@actualsoftware.com>: >So if I build a one line /etc/postfix/access with >.xyz REJECT > >and use smtpd_sender_restrictions=check_sender_access >
You have to add the path to the access map, e.g. you postmap the /etc/postfix/access file and add hash:/etc/postfix/access after check_sender_access >That seems from the documentation like it would reject all email from >.XYZ. >Is this a reasonable approach? > Regards C > >-----Original Message----- >From: owner-postfix-us...@postfix.org >[mailto:owner-postfix-us...@postfix.org] >On Behalf Of Viktor Dukhovni >Sent: Monday, November 16, 2015 22:55 >To: postfix-users@postfix.org >Subject: Re: rejecting email from specific domains > >On Mon, Nov 16, 2015 at 10:38:07PM -0600, Chris Boylan wrote: > >> I think I'd like to key off the from information and block anything, >for >> example, that self-identifies as being from a sender in .xyz domain. > >The ".xyz" domain is a real TLD, for a generic example use ".example" >or "example.com", ... > >> Would appreciate being pointed in the right direction as I'm just >drawing a >> blank. > > http://www.postfix.org/SMTPD_ACCESS_README.html#lists > http://www.postfix.org/access.5.html > http://www.postfix.org/BUILTIN_FILTER_README.html > >Envelope senders are blocked with: > > http://www.postfix.org/postconf.5.html#check_sender_access > >Header senders can be blocked with header_checks(5), but this does >not always give good results, because regular expressions in headers >don't really parse the header particularly well and are difficult >to craft. I don't recommend header_checks(5) for blocking by header >sender address. > >If you can find a "Sieve" milter, it will make it much >easier to construct rules on header addresses.