Hi,
How would I match/block access to mail sent from MTAs that have FQDNs that
start with
mta-wk-*
It's not a header, it's not content, it's not an IP ...
but it's clearly logged in my postfix logs:
postfix.log:Mar 24 13:00:42 mail2 postfix/int01/smtpd[20932]: connect from mta-wk-1.mk1.ratineer.com[82.196.0.148]
postfix.log:Mar 24 13:00:43 mail2 postfix/int01/smtpd[20932]: NOQUEUE: client=mta-wk-1.mk1.ratineer.com[82.196.0.148]
postfix.log:Mar 24 13:00:58 mail2 postfix/int01/smtpd[20932]: lost connection after RCPT from mta-wk-1.mk1.ratineer.com[82.196.0.148]
postfix.log:Mar 24 13:00:58 mail2 postfix/int01/smtpd[20932]: disconnect from mta-wk-1.mk1.ratineer.com[82.196.0.148] ehlo=1 mail=1 rcpt=1 commands=3
My goal is to block ALL mail from this list of MTAs
https://groups.google.com/d/msg/news.admin.net-abuse.email/_6DLJB8fF9k/ZGBwTTsFBQAJ
DNSBLs get many of them, but they apparently change IP addresses, and sneak
through on occasion.
All seem to be hosted by/at SYNAPP.IO
Thanks.
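
One way to try a client-hostname pattern against smtpd connect lines before relying on it, as an added example that is not part of the original post. The function name `classify_clients` and every sample line except the first are constructed; the same expression could be used in a Postfix `check_client_access` regexp or pcre table, which matches on the client hostname rather than the IP.

```python
import re
from collections import defaultdict

# Candidate pattern: client hostnames that begin with "mta-wk-" (from the post).
# Postfix regexp/pcre tables are case-insensitive by default, so mirror that.
CLIENT_PATTERN = re.compile(r"^mta-wk-", re.IGNORECASE)
# smtpd "connect from host[ip]" lines; tolerates a grep-style "file:" prefix.
CONNECT_RE = re.compile(r"postfix/\S*smtpd\[\d+\]: connect from (\S+)\[([^\]]+)\]")

# First line is from the post; the others are constructed for this example
# (example.* names and 192.0.2.0/24 are reserved for documentation).
SAMPLE_LOG = """\
postfix.log:Mar 24 13:00:42 mail2 postfix/int01/smtpd[20932]: connect from mta-wk-1.mk1.ratineer.com[82.196.0.148]
Mar 24 13:05:10 mail2 postfix/int01/smtpd[20940]: connect from mta-wk-7.example.net[192.0.2.17]
Mar 24 14:11:02 mail2 postfix/int01/smtpd[21001]: connect from mta-wk-7.example.net[192.0.2.44]
Mar 24 14:12:30 mail2 postfix/int01/smtpd[21003]: connect from mail.example.org[192.0.2.80]
Mar 24 14:13:05 mail2 postfix/int01/smtpd[21007]: connect from smta-wk-2.example.com[192.0.2.81]
Mar 24 14:15:44 mail2 postfix/int01/smtpd[21010]: connect from unknown[192.0.2.99]
"""

def classify_clients(log_text, pattern=CLIENT_PATTERN):
    """Group connecting clients by whether a hostname rule would match them."""
    matched, unmatched, unresolved = defaultdict(set), set(), set()
    for line in log_text.splitlines():
        m = CONNECT_RE.search(line)
        if not m:
            continue  # not a connect line (NOQUEUE, disconnect, ...)
        host, ip = m.groups()
        if host == "unknown":
            unresolved.add(ip)      # no verified reverse DNS name: a name rule cannot match
        elif pattern.search(host):
            matched[host].add(ip)   # same name may appear from several IPs
        else:
            unmatched.add(host)
    return {
        "matched": {h: sorted(ips) for h, ips in matched.items()},
        "unmatched": sorted(unmatched),
        "unresolved": sorted(unresolved),
    }

if __name__ == "__main__":
    for group, value in classify_clients(SAMPLE_LOG).items():
        print(group, value)
```

Clients that Postfix logs as `unknown[ip]` have no verified hostname, so a hostname rule never sees their name; those connections still depend on IP-based checks such as DNSBLs.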