Am 02.10.2014 um 20:50 schrieb Philip Prindeville: > The issue we’ve been having with Blacklotus (self-appointed champions of > everyone’s right to be on the internet, no matter how shady, is the > impression I got from speaking to their sales department a while ago) has one > commonality. > > All of the domains that resolve to 192.3.186.4 are registered to > registrar-servers.com. > > How do I go about blocking based on the NS records for a given domain having > NS records with an RHS of dns\d+\.registrar-servers\.com ? > > Also noticed that all of the A records for these DNS servers points to… > anyone want to guess? … Blacklotus? > > What upstandingly egalitarian folks that want to give an internet soapbox to > even the most shady amongst us! How horribly misunderstood they must be for > this veiled virtue! > > -Philip > not exact what you want , but may help too
http://www.postfix.org/postconf.5.html check_recipient_ns_access type:table Search the specified access(5) database for the DNS servers for the RCPT TO domain, and execute the corresponding action. Note: a result of "OK" is not allowed for safety reasons. Instead, use DUNNO in order to exclude specific hosts from blacklists. This feature is available in Postfix 2.1 and later. like smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/check_recipient_access, reject_unknown_recipient_domain, reject_non_fqdn_recipient, check_recipient_ns_access hash:/etc/postfix/for_sale_recipient_ns_access, /etc/postfix/for_sale_recipient_ns_access ns2.sedoparking.com REJECT the domain is offered at sedo.com/de to buy, which usally means it has no mailserver ns1.sedoparking.com REJECT the domain is offered at sedo.com/de to buy, which usally means it has no mailserver ns1.fastpark.net REJECT the domain is parked at fastpark.net which usally means it has no mailserver ns2.fastpark.net REJECT the domain is parked at fastpark.net which usally means it has no mailserver you might use regex or pcre tables also perhaps also read https://sys4.de/de/blog/2014/04/02/e-mail-fehlerhafter-nameserver-ablehnen/ https://sys4.de/de/blog/2014/04/03/e-mail-fehlerhafter-nameserver-ablehnen-ii/ sorry german but config should speak for its own Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
