Hi,

I,m using postfix with mysql / courier-imap on a slackware 10.1

I receive plenty of mails following a certain pattern (like 456_farmer@mydomain.com, 456_fault@mydomain.com, 456_fungus@mydomain.com, etc.), so it should be possible to filter them out...

For your understanding: they aren't delivered. They are rejected - finally after the recipient failes to be listed.

However, it puts a big load on my mysql-server.

- I don't like Blacklists (RBL) - even though this blocks a lot of it.
- I use greylisting, but also using a mysql table for it...

My idea is to reject/discard those emails before any mysql table is bothered by using REGEXP or PCRE expressions

If I use
smtpd_recipient_restrictions =
check_recipient_access
pcre:/etc/postfix/checks/own_domains

and my own_domains file looks like
/^RCPT TO: .* <([0-9]{2,3})([\._,-]?)([0-9,a-z,A-Z_\-\.]*)[@](mydomain.com)>/ REJECT Go away!

or

/^TO: .* <([0-9]{2,3})([\._,-]?)([0-9,a-z,A-Z_\-\.]*)[@](mydomain.com)>/ REJECT Go away!

nothing happens (I checked various expressions) ... all get caught by the greylisting filter later on.

So, QUESTION is, any ideas how to stop "series" of spam mails _BEFORE_ my database tables are stressed?

Thanks in advance. Help / Suggestions are most welcome.

Sulee:
I think the problem may be the fact that spammers use cheap or poorly implemented software that don't closely follow the rfc's. For instance, instead of sending:
they may send
In your expression, the address will only match if enclosed within angle brackets, <address>, which many spammers don't do.

I would try removing the angle brackets from your RE, and see if it catches it then.
So instead of:
Try:
Let me know if this worked.

Hi,

/^([0-9]{2,3})([\._,-]?)([0-9A-Z._-]*)[@](mydomain\.com)/ REJECT Go away!

That works!

also in

smtpd_recipient_restrictions =
check_recipient_access
pcre:/etc/postfix/checks/own_domains,

as long as there isn't

permit_mynetworks,
permit_sasl_authenticated,

placed before it ... since that gives a free pass to all *@mydomain.com

Enjoy!