On Fri, Jan 20, 2023 at 03:53:25PM -0600, Noel Jones <njo...@megan.vbhcs.org> wrote:
> On 1/20/2023 3:25 PM, Scott Techlist wrote: > > I'm fuzzy on if I can block a message like the one below one using > > check_sender_access or check_client_access. > > check_sender_access is the envelope sender address, the > person/company/program who sent the mail. You can use the full email address > or just the domain. Note this may not be the same as the From: header. > check_sender_access is always an email address, or an email domain. > > check_client_access is for the computer that connect and send the mail. It > is identified by an IP address or a hostname. Note the hostname may not have > any obvious connection to the envelop sender or to the From: header. > check_client_access is always an IP address or a computer hostname, never an > email address. In other words, check_sender_access tests the address that ended up being stored in the From_ mbox pseudo header: From bounce-91040_html-994996332-142678-514026815-45...@bounce.s11.mc.pd25.com Fri Jan 20 12:40:11 2023 And check_client_access doesn't check any headers at all. It checks the IP address of the client making the SMTP connection. There is also the $header_checks parameter which lets you match content in arbitrary headers. See postconf(5) and header_checks(5). There is also spamassassin(1) and rspamd(1) for milter-based content inspection and spam detection. cheers, raf