On 9 Apr 2020, at 0:43, Bill Cole wrote:
On 8 Apr 2020, at 19:01, @lbutlr wrote:
Given an email address of user+ama...@example.com how can I reject
all emails to that address that do not come from amazon.com?
I think I did something like this once but if I did, I didn’t keep
notes. :/
Since the decision can be made based on envelope parameters, you
should be able to do this with a restriction class. Example:
/etc/postfix/main.cf:
smtpd_restriction_classes = spooftargets
smtpd_recipient_restrictions = [...] check_recipient_access
pcre:/etc/postfix/recipient_checks.pcre [...]
spooftargets = check_sender_access
pcre:/etc/postfix/spooftarget-senders
/etc/postfix/recipient_checks.pcre:
/^b...@scconsult.com$/ spooftargets
/etc/postfix/spooftarget-senders:
/bounce@/ 554 5.7.1 This address does not accept mail from
bounce-processors
As a result, I reject all mail with a sender that matches 'bounce@'
aimed at 'b...@scconsult.com' which is an address that has been
exposed for 25 years in Usenet but never used for any sort of
subscription or transaction. One could just as easily make
'user+ama...@example.com' a member of a restriction class and only
accept mail for it if the client name and sender name match legitimate
Amazon patterns.
I should also note, in case it is not obvious: this does not scale well.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
