Blocking by country
Dominic Raferd
dominic at timedicer.co.uk
Wed Oct 21 08:06:47 CEST 2020
On Wed, 21 Oct 2020 at 01:57, Alex <mysqlstudent at gmail.com> wrote:
> I have a fedora32 server system with amavisd and postfix installed and
> would like to block all email from China and a number of other
> countries. It doesn't look like there's an easy way to do this.
>
> Perhaps a better approach would be to block all email and only allow
> connections from US servers (even though foreign email could be routed
> through a US server first)?
>
> Would the GeoIP stuff be helpful in amavisd? Perhaps we can block by ASN?
>
> I'm also using spamassassin and could write rules to block email based
> on the TLD, like .cn etc.
>
> Perhaps we could create a policy bank or domain map with a list of the
> different countries? Maybe a sender map that can block on a
> per-recipient basis?
>
> I've done quite a bit of searching and most of what I see is from
> decades ago to links that no longer exist.
I have code to set up GeoIP2 for use in SA (not GeoIP which is
deprecated), but for Ubuntu i.e.using apt and Maxmind's Launchpad
repository. GeoIP2 works pretty well, it can geolocate most IPs. I use
it to raise the SA/amavis score for mails from 'suspect' countries.
Alternatively I vaguely recall a discussion either here or on the SA
list about RBLs that offer responses allowing filtering by
geolocation, you might be able to find it by googling or someone here
may remember better.
More information about the amavis-users
mailing list