Postfix - blocking spammer domains
hello,
on a small server, I use Postfix version 2.11 (debian) and want to reject some spam domains which for example dbl[dot]spamhaus[dot]org doesn't seem to recognize. her a part of my configuration: Code:
smtpd_sender_restrictions = Code:
postmap -q es2[dot]trmaildat[dot]com pcre:/etc/postfix/spam_sender_addr_pcre here the one line of spam_sender_addr_pcre: Code:
/.*es2.trmaildat.com/i REJECT what is wrong with this configuration ? before using pcre, I tried a hash file, but it didn't work either. thank you for some hints! |
Are you sure that address is the envelope sender?
Please post the portion of /var/log/maillog which shows the reception. |
here
Quote:
|
from=<052454857a4-8-314@globe-yellow-pages.com>,
host globe-yellow-pages.com globe-yellow-pages.com has address 192.64.119.78 globe-yellow-pages.com mail is handled by 10 mail.globe-yellow-pages.com. host mail.globe-yellow-pages.com mail.globe-yellow-pages.com has address 80.211.229.185 but this is from 185.111.183.36 so it seems to be lying. jwhois 185.111.183.36 netname: Biz-catalogs Says network 185.111.183.0 - 185.111.183.255 is a good candidate for the block list. |
Quote:
I don't know how to do it in postfix, but spam blocking by domain name is pretty hit-and-miss, because of forgeries; but an MTA always knows the IP of the server delivering the email, so blocking by IP address/range is very effective. [PS: Note that "by IP" is how SORBS, spamcop, and SBL-XBL do their RBL (Real-time Block List) blocking, not by domain name] |
All times are GMT -5. The time now is 03:36 AM. |