On 11/2/2019 2:38 PM, John Schmerold wrote: > On 10/24/2019 12:32 AM, @lbutlr wrote: >> On 23 Oct 2019, at 15:20, lists <li...@lazygranch.com> wrote: >>> /\.asia$/ 510 Denied: Unacceptable TLD .asia >> [Long list… removed] >> >> smtpd_helo_restrictions = reject_invalid_helo_hostname >> check_helo_access pcre:/etc/postfix/helo_checks.pcre permit >> >> /etc/postfix/helo_checks.pcre: >> /.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|biz|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ >> DUNNO >> /.*\.*$/ 550 Mail to or from this TLD is not allowed >> >> >> Of course your list will differ than mine, but I find this much >> better than reacting to which of these new garbage TLDs are spamming >> me this week. > > You can achieve a similar result with this addition to SA's custom.cf: > > header GC_TLD_COM_R Received !~/\.(?:com|net|org|edu|uk|us|gov)\b/i > score GC_TLD_COM_R 3.2 > > header GC_TLD_COM_F From !~/\.(?:com|net|org|edu|uk|us|ca|gov)\b/i > score GC_TLD_COM_F 3.2 > > If I were a bit more worldly, I would add a few more country codes. >
Just some additions to John's ideas: If you search TLD in KAM.cf (http://www.mcgrail.com/downloads/KAM.cf), you'll see some examples of how to do this. There is also a new feature for WLBLEval plugin (see https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7354) which is in trunk and in the release candidate for 3.4.3. That lets you do something like: enlist_addrlist (SUSPECTTLDS) *@*.politicians enlist_addrlist (SUSPECTTLDS) *@*.spammer header __FROM_SUSPECT_TLD eval:check_from_in_list('SUSPECTTLDS') Take a look. We can also use help testing the release candidate[1]. Regards, KAM [1] 3.4.3 release candidate 5 is now available at http://talon2.pccc.com/~kmcgrail/devel/ sha256sum of archive files: 0004e17011f8d050e621dce7990bfd31fbdf50a7c54c68829f0553c6759d11f9 Mail-SpamAssassin-3.4.3-rc5.tar.bz2 b7f12b3e2ff740e9746ad0bc1446807e1972309689ced6e3de0c24facf3db77f Mail-SpamAssassin-3.4.3-rc5.tar.gz 751aa714c923e2464c4c8a1ae624dbd9355c38f59bd8cbdc7949bc4f29449aa1 Mail-SpamAssassin-3.4.3-rc5.zip 41edfd71101a48c7f3c404f481595b9613c95ce25e25abeb9ced0e45d7539f84 Mail-SpamAssassin-rules-3.4.3-rc5.r1868741.tgz sha512sum of archive files: ac1e51f814040af9397fb73de4c0da7daf3327a543b7e5082c63cd19166dc530c725490bcdf65e8c1472df4d2d3fdfbb84779a23a98281313ec2b457c7fcb190 Mail-SpamAssassin-3.4.3-rc5.tar.bz2 51518571eec7691987065c66aaec882b5deabac37124011f8da26cbd040cb223e37b3d0d4a4d962ff848fe4639a101046ffc21d4694df035acb8eb330b24e614 Mail-SpamAssassin-3.4.3-rc5.tar.gz 65b783d037ebe8a99466e15c0409c51ed3fa12d046139232ba90d6ccb63614008e2c54138a01f8afe67f38c163e5bf2955d2c8fd2bf2397b83d09a4b0a6534e7 Mail-SpamAssassin-3.4.3-rc5.zip ed1565c8f4448319546808fc2a2326f380153699631089c183ee93aa962fded59414643b2345ecdfabf9098d40609dd121b1056feabd162d830ea527ec2c3b04 Mail-SpamAssassin-rules-3.4.3-rc5.r1868741.tgz -- *Kevin A. McGrail* CEO Emeritus Peregrine Computer Consultants Corporation 10311 Cascade Lane Fairfax, VA 22032 http://www.pccc.com/ 703-359-9700 / 800-823-8402 (Toll-Free) 703-798-0171 (wireless) kmcgr...@pccc.com <mailto:kmcgr...@pccc.com> https://www.linkedin.com/in/kmcgrail
