I would really suggest using DISCARD instead of "500 This TLD sends spam - g e t lost.". Thus the spammer dosen't get to know he got stuck in a spam filter and can update their tools to bypass it.
DISCARD accepts the mail but throws it into /dev/null -----Ursprungligt meddelande----- Från: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] För li...@lazygranch.com Skickat: den 21 september 2016 02:23 Till: Jim Reid <j...@rfc1035.com> Kopia: Postfix Users <firstname.lastname@example.org> Ämne: Re: TLD blocking revisited Tell ya what. Let's hold the suggestions here. This one looks like something I can handle. (I really need things spelled out.) BTW, the SpamAssassin enlist trick caught about 20% of this flavor of spam. But I'm really OK will killing the TLD. I did some googling on this and some claim Baracuda has this spam style licked, but I don't find that to be the case. I do have Baracuda as my first RBL. I didn't mention it but the odd thing is this .stream spam goes to one email account. Perhaps in a daze I clicked unsubscribe. Thanks all for the suggestions. Original Message From: Jim Reid Sent: Tuesday, September 20, 2016 1:56 PM To: li...@lazygranch.com Cc: Postfix Users Subject: Re: TLD blocking revisited > On 20 Sep 2016, at 21:10, li...@lazygranch.com wrote: > > What is the simplest way to block a TLD? Put the offending TLD in a map and have that map referenced through check_sender_access and/or check_client_access. ie in main.cf: smtpd_client_restrictions = permit_mynetworks .... check_client_access hash:/etc/postfix/spamsources mtpd_sender_restrictions = permit_mynetworks .... check_sender_access hash:/etc/postfix/spamsources and in /etc/postfix/spamsources: xyz 500 This TLD sends spam - get lost.
Description: S/MIME Cryptographic Signature