On 1/21/2010 2:34 PM, Carlos Williams wrote: > Everyday I have a notification from my virus scanner that a Virus / > Trojan was received from a specific IP: > > The email every day is from the same IP to the same recipient on my > Postfix server. I have what most of you consider a very small / low > traffic Postfix MTA so I was wondering if adding the IP address in > /etc/postfix/sender_access is wrong or acceptable to stop receiving > mail from this IP. I contacted Brighthouse and realized those are > moments of my life I will never get back. > > Here is what I have in 'sender_access': > > # Black/Whitelist for senders matching the 'MAIL FROM' field. Examples... > > 75.112.128.242 REJECT >
This is a client IP not a sender, e. g. 'MAIL FROM: br...@example.com' The IP should go into a file referenced by a check_client_access restriction. > Below is a Postconf -n > [snip] > smtpd_recipient_restrictions = permit_mynetworks, > permit_sasl_authenticated, reject_unauth_pipelining, > reject_non_fqdn_recipient, reject_unknown_recipient_domain, > reject_unauth_destination, reject_unlisted_recipient, > check_policy_service unix:postgrey/socket, check_sender_access > hash:/etc/postfix/sender_access, > check_helo_access pcre:/etc/postfix/helo_checks.pcre, > reject_rbl_client zen.spamhaus.org, reject_rbl_client > bl.spamcop.net, permit >
