I would really suggest using DISCARD instead of "500 This TLD sends spam - g
e t lost.".
Thus the spammer dosen't get to know he got stuck in a spam filter and can
update their tools to bypass it.

DISCARD accepts the mail but throws it into /dev/null

-----Ursprungligt meddelande-----
Från: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] För li...@lazygranch.com
Skickat: den 21 september 2016 02:23
Till: Jim Reid <j...@rfc1035.com>
Kopia: Postfix Users <postfix-users@postfix.org>
Ämne: Re: TLD blocking revisited

Tell ya what. Let's hold the suggestions here. This one looks like something
I can handle. (I really need things spelled out.)

BTW, the SpamAssassin enlist trick caught about 20% of this flavor of spam.
But I'm really OK will killing the TLD. 

I did some googling on this and some claim Baracuda has this spam style
licked, but I don't find that to be the case. I do have Baracuda as my first

I didn't mention it but the odd thing is this .stream spam goes to one email
account. Perhaps in a daze I clicked unsubscribe. 

Thanks all for the suggestions.

  Original Message
From: Jim Reid
Sent: Tuesday, September 20, 2016 1:56 PM
To: li...@lazygranch.com
Cc: Postfix Users
Subject: Re: TLD blocking revisited

> On 20 Sep 2016, at 21:10, li...@lazygranch.com wrote:
> What is the simplest way to block a TLD?

Put the offending TLD in a map and have that map referenced through
check_sender_access and/or check_client_access.


in main.cf:

smtpd_client_restrictions = permit_mynetworks ....
check_client_access hash:/etc/postfix/spamsources

mtpd_sender_restrictions = permit_mynetworks ....
check_sender_access hash:/etc/postfix/spamsources

and in /etc/postfix/spamsources:

xyz     500 This TLD sends spam - get lost.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to