Jim McIver wrote: > I have Postfix 2.1 on Freebsd 4.10 and am having trouble blocking > email from a domain. >
Postfix 2.1 is ancient. Recommend an upgrade as some things I mention may require 2.2 or 2.3 or higher. > Here is a snipet of the postqueue -p: > > DF6A927D 3512 Tue Mar 3 18:42:35 MAILER-DAEMON > (connect to mx1.mail.yahoo.co.jp[124.83.183.240]: server dropped > connection without sending the initial SMTP greeting) > megu0327_he...@yahoo.co.jp > > You accepted this mail. You need to find out WHY this bounce/backscatter is occurring. Check your mail log for DF6A927D. > > I would like to block the .co.jp so it doesn't pile up in postqueue. > > 2nd: > I also receive over 400 messages daily from "u...@domain.com". The > messages never go anywhere, they just pile up in the postqueue and I'd > like to keep the postqueue -p cleaned out. > > Snippet from maillog: > > Mar 4 00:09:21 mail postfix/smtpd[36633]: NOQUEUE: reject: RCPT from > unknown[89.218.164.251]: 554 <u...@domain.com>: Sender address > rejected: Access denied; from=<u...@domain.com> > to=<ob...@lmtribune.com> proto=SMTP helo=<89.218.164.251.metro.online.kz> > This message is rejected. It was not queued. To block more, upgrade and use Zen (see site for usage restrictions) grkni...@mx1 ~ $ host 251.164.218.89.zen.spamhaus.org 251.164.218.89.zen.spamhaus.org has address 127.0.0.11 251.164.218.89.zen.spamhaus.org has address 127.0.0.4 > > In my sender_access and I have: > co.jp REJECT > u...@domain.com REJECT > > In my access_client I have: > co.jp REJECT > > Output of postconf -n > smtpd_client_restrictions = check_client_access > hash:/usr/local/etc/postfix/client_access permit > smtpd_recipient_restrictions = permit_mynetworks > reject_unauth_destination reject_invalid_hostname warn_if_reject > reject_unknown_hostname reject_unauth_pipelining > reject_non_fqdn_sender reject_unknown_sender_domain > reject_non_fqdn_recipient reject_unknown_recipient_domain > warn_if_reject reject_unknown_client > reject_non_fqdn_hostname check_client_access > hash:/usr/local/etc/postfix/access_client check_helo_access > hash:/usr/local/etc/postfix/helo_access check_sender_access > hash:/usr/local/etc/postfix/sender_access check_recipient_access > hash:/usr/local/etc/postfix/recipient_access > smtpd_sender_restrictions = check_sender_access > hash:/usr/local/etc/postfix/sender_access > check_client_access expects a connecting IP match not a MAIL FROM match. Brian
