If IP address and domain names continuously changes they are probably fake domain names and emails sent by randomly exploited servers. Following additions to configuration might help:
smtpd_sender_restrictions = [...], reject_invalid_hostname, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, [...] smtpd_recipient_restrictions = [...], reject_invalid_hostname, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, [...] Anvar Kuchkartaev an...@anvartay.com ---- On Sun, 10 Dec 2017 17:03:18 +0100 Hadmut Danisch <had...@danisch.de> wrote ---- > Hi, > > I'm getting tons of spam with mail senders or helo names from TLDs like > .date, e.g. > > > Received: from koan-shf.date (unknown [78.129.179.127]) by... > > > where the domain names (here: koan-shf.date) rapidly change and are > obviously randomly generated. IP addresses also change daily. > > > I'd therefore like to block TLDs like .date or .loan, which currently > does not work with postfix. Following it's manpage 5 access, the block > lists for mails and sender machines need at least .domain.tld, i.e. two > domain components. > > This made sense as long as we had country code and the old generic TLDs > like com and gov, but not anymore since ICANN allowed any nonsense to be > registered as a TLD. > > > I'd like to propose to allow one component queries for mail addresses > and hostnames in access lists as well. > > > > regards > > Hadmut > > > > >