On 2022-08-21 Ruben Safir wrote:
> any way I can block all bagels using access
> 
> 2022-08-09T22:38:19.695815-04:00 www2 postfix/qmgr[31914]: 2251E16403D: 
> from=<bagel_kings_of_new_york-hangout=nylxs.com@sileverssinkles.beauty>, 
> size=9363, nrcpt=1 (queue active)
> 2022-08-09T22:39:09.275352-04:00 www2 postfix/qmgr[31914]: ECA0316403D: 
> from=<bagel-kings-of-new-york-ruben=mrbrklyn.com@sileverssinkles.beauty>, 
> size=9442, nrcpt=1 (queue active)
> 2022-08-21T08:02:44.863644-04:00 www2 postfix/smtpd[14423]: NOQUEUE: reject: 
> RCPT from unknown[104.148.32.8]: 554 5.7.1 Service unavailable; Client host 
> [104.148.32.8] blocked using zen.spamhaus.org; 
> https://www.spamhaus.org/sbl/query/SBLCSS; from=<thank...@bagelkingz.ru.com> 
> to=<hang...@nylxs.com> proto=ESMTP helo=<io7h5.bagelkingz.ru.com>
> 2022-08-21T08:25:43.970550-04:00 www2 postfix/smtpd[14555]: NOQUEUE: reject: 
> RCPT from unknown[104.148.32.9]: 554 5.7.1 Service unavailable; Client host 
> [104.148.32.9] blocked using zen.spamhaus.org; 
> https://www.spamhaus.org/sbl/query/SBLCSS; from=<kni...@bagelkingz.ru.com> 
> to=<hang...@nylxs.com> proto=ESMTP helo=<askbaf.bagelkingz.ru.com>
> 2022-08-21T08:25:43.974083-04:00 www2 postfix/smtpd[14556]: NOQUEUE: reject: 
> RCPT from unknown[104.148.32.9]: 554 5.7.1 Service unavailable; Client host 
> [104.148.32.9] blocked using zen.spamhaus.org; 
> https://www.spamhaus.org/sbl/query/SBLCSS; 
> from=<woodhan...@bagelkingz.ru.com> to=<sh...@mrbrklyn.com> proto=ESMTP 
> helo=<askbaf.bagelkingz.ru.com>
> 2022-08-21T19:10:26.214435-04:00 www2 postfix/smtpd[19040]: connect from 
> mail.foodbagel.cam[194.31.205.163]
> 2022-08-21T19:10:26.741884-04:00 www2 postfix/smtpd[19040]: B4E4D16403D: 
> client=mail.foodbagel.cam[194.31.205.163]
> 2022-08-21T19:10:26.962960-04:00 www2 postfix/cleanup[19042]: B4E4D16403D: 
> message-id=<0.0.0.3.1d8b5b24a5fc260.5c1...@mail.foodbagel.cam>
> 2022-08-21T19:10:27.042981-04:00 www2 postfix/qmgr[31914]: B4E4D16403D: 
> from=<bagel.kings.of.new.york-ruben=mrbrklyn....@foodbagel.cam>, size=8922, 
> nrcpt=1 (queue active)
> 2022-08-21T19:10:27.249320-04:00 www2 postfix/smtpd[19040]: disconnect from 
> mail.foodbagel.cam[194.31.205.163]

You could use a check_sender_access restriction with a regular
expression like this:

/bagel/ REJECT

However, a broad-ish expression like that might be throwing out the baby
with the bathwater (and probably won't perform too well either, since
the expression isn't anchored). I'd recommend more narrowly tailored
rules.

Assuming your log excerpt is comprehensive, you seem to have basically
two types of sender addresses:

- ones with "bagel" and your e-mail address in the localpart
- ones with bagelkingz.ru.com as the domain part.

The latter could be handled by simply adding the domain to a plain
access map (don't forget to run postmap after doing so).

The former could be covered by a regular expression like this:

/bagel.*=(nylxs|mrbrklyn)\.com@/ REJECT

Perhaps even anchored (since all the localparts seem to begin with the
word "bagel"):

/^bagel.*=(nylxs|mrbrklyn)\.com@/ REJECT

Regards
Ansgar Wiechers
-- 
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky
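
An added example, not part of the message above: a small Python emulation that runs the broad rule and the narrower rules (anchored regexp plus a plain domain entry) over sample senders, to show which mail each would reject. The two long addresses are copied from the quoted log; the other three addresses, the function names and the simplified domain lookup are assumptions made for illustration.

```python
import re

# Rules quoted in the reply. Postfix regexp tables match case-insensitively
# by default, hence re.I. Python's re stands in for the POSIX regexp engine.
BROAD = [(re.compile(r"bagel", re.I), "REJECT")]
NARROW = [(re.compile(r"^bagel.*=(nylxs|mrbrklyn)\.com@", re.I), "REJECT")]
# Plain access map entry for the second type of sender (domain part).
DOMAINS = {"bagelkingz.ru.com": "REJECT"}

def regexp_lookup(rules, sender):
    """Return the action of the first matching pattern, like a regexp table."""
    for pattern, action in rules:
        if pattern.search(sender):
            return action
    return None

def domain_lookup(table, sender):
    """Simplified access-map lookup: sender domain, then its parent domains."""
    labels = sender.rsplit("@", 1)[-1].lower().split(".")
    for i in range(len(labels)):
        action = table.get(".".join(labels[i:]))
        if action:
            return action
    return None

def decide_broad(sender):
    return regexp_lookup(BROAD, sender) or "DUNNO"

def decide_narrow(sender):
    return (regexp_lookup(NARROW, sender)
            or domain_lookup(DOMAINS, sender) or "DUNNO")

# First two senders appear in the quoted log; the rest are constructed.
SAMPLES = [
    "bagel_kings_of_new_york-hangout=nylxs.com@sileverssinkles.beauty",
    "bagel-kings-of-new-york-ruben=mrbrklyn.com@sileverssinkles.beauty",
    "news@bagelkingz.ru.com",      # constructed localpart, domain from the log
    "orders@bagelshop.example",    # constructed legitimate sender
    "alice@example.org",           # constructed unrelated sender
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{decide_broad(s):7} {decide_narrow(s):7} {s}")
```

On the mail server itself, `postmap -q "address" regexp:/path/to/table` (path is a placeholder) queries the real table the same way before the rule goes live.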
