Blocking by country

Dmitry Melekhov dm at belkam.com
Wed Oct 21 08:20:58 CEST 2020


21.10.2020 10:06, Dominic Raferd пишет:
> On Wed, 21 Oct 2020 at 01:57, Alex <mysqlstudent at gmail.com> wrote:
>> I have a fedora32 server system with amavisd and postfix installed and
>> would like to block all email from China and a number of other
>> countries. It doesn't look like there's an easy way to do this.
>>
>> Perhaps a better approach would be to block all email and only allow
>> connections from US servers (even though foreign email could be routed
>> through a US server first)?
>>
>> Would the GeoIP stuff be helpful in amavisd? Perhaps we can block by ASN?
>>
>> I'm also using spamassassin and could write rules to block email based
>> on the TLD, like .cn etc.
>>
>> Perhaps we could create a policy bank or domain map with a list of the
>> different countries? Maybe a sender map that can block on a
>> per-recipient basis?
>>
>> I've done quite a bit of searching and most of what I see is from
>> decades ago to links that no longer exist.
> I have code to set up GeoIP2 for use in SA (not GeoIP which is
> deprecated), but for Ubuntu i.e.using apt and Maxmind's Launchpad
> repository. GeoIP2 works pretty well, it can geolocate most IPs. I use
> it to raise the SA/amavis score for mails from 'suspect' countries.
>
> Alternatively I vaguely recall a discussion either here or on the SA
> list about RBLs that offer responses allowing filtering by
> geolocation, you might be able to find it by googling or someone here
> may remember better.

iptables can do this filtering using

GeoIP2  , imho, this is best way to filter mail from China ;-)



More information about the amavis-users mailing list