2018-11-19 16:57 GMT+01:00 Bill Cole < postfixlists-070...@billmail.scconsult.com>:
> On 19 Nov 2018, at 5:24, Poliman - Serwis wrote: > > Hello. I saw in logs that some non existent mailbox from client domain >> hosted on google tries send some mail to existing mailbox in this same >> domain. Non existent mailbox is used from IP's: >> 94.102.49.198 >> 149.56.173.68 >> and both are blacklisted. >> I need to block these IP addresses in Postfix and also I would like to add >> more blacklists to Postfix. >> > > The most absolute and direct way to block specific IP addresses in Postfix > is (if you are using postscreen) via postscreen_access_list: > > main.cf: > postscreen_access_list = cidr:/etc/postfix/postscreen-access > postscreen_blacklist_action = enforce > > > postscreen-access: > 94.102.49.198/32 REJECT > 149.56.173.68/32 REJECT > > (Although I'd personally reject all of 94.102.48.0/20, as I've seen no > evidence of that network operator generating anything but malicious > traffic.) > > If you're using an antique version of Postfix or don't have postscreen > enabled, you can instead do this: > > main.cf: > smtpd_client_restrictions = [...], > check_client_access=cidr/etc/postfix/ip-access, > [...] > > > /etc/postfix/ip-access: > 94.102.49.198/32 REJECT > 149.56.173.68/32 REJECT > > Note that the "smtpd_client_restrictions" restriction list probably will > include other directives and that the order of directives in a restriction > list determines which ones actually act: a "PERMIT" or "REJECT" from any > directive causes Postfix to skip the rest of that list and "REJECT" causes > it to skip the logically subsequent restriction lists. > > > Thank you for answers. I use Postfix -> mail_version = 3.1.0 -- *Pozdrawiam / Best Regards* *Piotr Bracha*
