LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Postfix blacklist (https://www.linuxquestions.org/questions/linux-server-73/postfix-blacklist-501851/)

crxssi 11-15-2006 10:19 AM
Postfix blacklist
 
Using Mandriva 2006 + Postfix + RBL + Postgrey.

We have just about everything we want, with one exception- I have no way to easily add an IP address (or range) or domain to manually blacklist.

Yes, you can do it with complex tables and hashes that have to be rebuilt every time you want to add or change something in it. But isn't there a way I can have either Postfix or Postgrey just look in a plain text file for a list of banned IP's/names without having to rebuild a hash table every time (and sometimes even reloading Postfix)?

Thanks for any ideas!

gani 11-16-2006 06:34 AM
Add amvisd-new and SpamAssassin and tell amavisd-new to use SA as well.

In SA's local.cf you can add a blacklist like this:

blacklist_from *@domain.com

Using amavisd-new, you can as well use clamav to scan mails against viruses/worms, not just spam.

http://www.ijs.si/software/amavisd

To install amavisd-new, read and follow INSTALL text file after you have unpacked the tar ball or refer to their page. Or through this howto.

http://www.postfixvirtual.net/postfi...tml#amavisdnew

crxssi 11-16-2006 05:50 PM
Thanks for the suggestion, although we don't really want to install/configure/test/run SpamAssassin at this time (since we are not interested in that type of filtering... yet).

Child of Wonder 11-17-2006 09:01 AM
Here's a very simple script that can do what you want.

Quote:
nano /usr/local/bin/addblacklistedip
Quote:
#!/bin/sh

echo -e "$1\tREJECT" >> /etc/postfix/client_access
postmap /etc/postfix/client_access

Then make it executable:

Quote:
chmod +x /usr/local/bin/addblacklistedip
Then make sure you have "check_client_access hash:/etc/postfix/client_access" in your "smtpd_client_restrictions" section (or any section) in /etc/postfix/main.cf.

Quote:
postfix reload
All you need to do is type "addblacklistedip x.x.x.x" and hit enter. In fact, you can name the script anything you want. "blacklist" "badip" etc. It will append the IP with REJECT in your client_access file and postmap it. This will stop the IP from connecting to Postfix.

crxssi 02-14-2009 10:11 AM
Thanks, "Child of Wonder". I seem to have gotten distracted and never tried your suggestion. I implemented it yesterday and it works great.

First thing to go in the blacklist was:

constantcontact.com

They will no longer CONSTANTLY CONTACT my users :)

oranges 09-22-2009 03:45 PM
will this also work if I blacklist a subnet? x.x.x.0/24?

TIA!

crxssi 09-22-2009 05:13 PM
Quote:
Originally Posted by oranges (Post 3693323)
will this also work if I blacklist a subnet? x.x.x.0/24? TIA!
Not sure on that. I have only blocked DNS things like this:

.XXX
XXXX.XXX
XXX@XXXX.XXX

Using the blacklist has been a *HUGE* success. Especially blocking entire countries like .pl .ru .cn

I just add something to the /etc/postfix/blacklist file and run postmap on it. Done!

sasykes 09-23-2009 02:34 PM
Great info. Finally got around to blacklisting some annoying email addresses.

Thanks for the script. ;)

EDIT: Actually, I had to change the postfix main.cf line to...

Quote:
smtpd_client_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_access, permit
and now all is well.


All times are GMT -5. The time now is 03:19 AM.