Black List Question
Patrick Ben Koetter
p at state-of-mind.de
Fri Jul 13 23:30:02 CEST 2012
* Thomas Curtis <thomas.j.curtis at gmail.com>:
> We are recieving an in ordinate amount of crap email that is not being
> filtered anywhere. It seems to be coming from some dink somewhere sending
> from wizstar@<various domains>
> I have setup whitelist_sender and blacklist_sender parameters. Those work
> with wildcarding on the domain, eg *@gmail.com, but not something like
> wizstar@* Does anyone know if this is possible or if SpamAssassin is a
> route or how we can shut this guy down.
Is the miscreant using the sender address as envelope sender address or as
FROM:-header address? If it is the envelop sender address you might consider
rejecting the sender at SMTP level BEFORE the message hits amavis.
In Postfix you would add something like this to main.cf's
smtpd_recipient_restrictions:
smtpd_recipient_restrictions =
...
check_sender_access pcre:/etc/postfix/wizstar.pcre
...
permit_mynetworks
reject_unauth_destination
...
In /etc/postfix/wizstar.pcre you would have something like this:
/^wizstar at .*$/ REJECT
That should reject any message from any sender whose localpart is wizstar.
p at rick
--
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitely required and
justified.
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
More information about the amavis-users
mailing list