.. fail2ban Sasl filer. Of add xtable (geo ip) and block then countries. I only allow sasl auth from my own country AND an A record must exist in the dns for the host sending.
And Blacklisting the spamming domains is often useless. You better check for the age of the domain or so. http://spameatingmonkey.com/usage.html i use fresh.spameatingmonkey.net, if its less then 5 days old i reject it. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: nmi...@noa.gr [mailto:owner-postfix-us...@postfix.org] Namens > Nikolaos Milas > Verzonden: donderdag 11 augustus 2016 12:45 > Aan: Richard Klingler > CC: postfix-us...@cloud9.net > Onderwerp: Re: Block certain prefixes/TLDs from accessing > > On 11/8/2016 1:25 ????, Richard Klingler wrote: > > > Is there an easy way to block a list of prefixes from accessing postfix? > > ... > > Preferably I would like to combine prefix and domain filtering > > as plain helo_checks won't allow regular expression for hostnames. > > I think you can use: > > smtpd_recipient_restrictions = > ... > check_sender_access hash:/etc/postfix/blacklisted_senders > check_client_access cidr:/etc/postfix/blacklisted_prefixes > reject_unverified_recipient > reject_unauth_destination > ... > > where /etc/postfix/blacklisted_senders: > > m...@example.com REJECT > example.net REJECT > subd.example.org REJECT > ... > > and /etc/postfix/blacklisted_prefixes: > > 192.168.1.1 REJECT > 192.168.0.0/16 REJECT > 2001:db8::1 REJECT > 2001:db8::/32 REJECT > > Nick
