On Mon, Aug 22, 2022 at 08:50:51AM +0200, Ansgar Wiechers wrote: > On 2022-08-21 Ruben Safir wrote: > > any way I can block all bagels using access > > > > 2022-08-09T22:38:19.695815-04:00 www2 postfix/qmgr[31914]: 2251E16403D: > > from=<bagel_kings_of_new_york-hangout=nylxs.com@sileverssinkles.beauty>, > > size=9363, nrcpt=1 (queue active) > > 2022-08-09T22:39:09.275352-04:00 www2 postfix/qmgr[31914]: ECA0316403D: > > from=<bagel-kings-of-new-york-ruben=mrbrklyn.com@sileverssinkles.beauty>, > > size=9442, nrcpt=1 (queue active) > > 2022-08-21T08:02:44.863644-04:00 www2 postfix/smtpd[14423]: NOQUEUE: > > reject: RCPT from unknown[104.148.32.8]: 554 5.7.1 Service unavailable; > > Client host [104.148.32.8] blocked using zen.spamhaus.org; > > https://www.spamhaus.org/sbl/query/SBLCSS; > > from=<thank...@bagelkingz.ru.com> to=<hang...@nylxs.com> proto=ESMTP > > helo=<io7h5.bagelkingz.ru.com> > > 2022-08-21T08:25:43.970550-04:00 www2 postfix/smtpd[14555]: NOQUEUE: > > reject: RCPT from unknown[104.148.32.9]: 554 5.7.1 Service unavailable; > > Client host [104.148.32.9] blocked using zen.spamhaus.org; > > https://www.spamhaus.org/sbl/query/SBLCSS; from=<kni...@bagelkingz.ru.com> > > to=<hang...@nylxs.com> proto=ESMTP helo=<askbaf.bagelkingz.ru.com> > > 2022-08-21T08:25:43.974083-04:00 www2 postfix/smtpd[14556]: NOQUEUE: > > reject: RCPT from unknown[104.148.32.9]: 554 5.7.1 Service unavailable; > > Client host [104.148.32.9] blocked using zen.spamhaus.org; > > https://www.spamhaus.org/sbl/query/SBLCSS; > > from=<woodhan...@bagelkingz.ru.com> to=<sh...@mrbrklyn.com> proto=ESMTP > > helo=<askbaf.bagelkingz.ru.com> > > 2022-08-21T19:10:26.214435-04:00 www2 postfix/smtpd[19040]: connect from > > mail.foodbagel.cam[194.31.205.163] > > 2022-08-21T19:10:26.741884-04:00 www2 postfix/smtpd[19040]: B4E4D16403D: > > client=mail.foodbagel.cam[194.31.205.163] > > 2022-08-21T19:10:26.962960-04:00 www2 postfix/cleanup[19042]: B4E4D16403D: > > message-id=<0.0.0.3.1d8b5b24a5fc260.5c1...@mail.foodbagel.cam> > > 2022-08-21T19:10:27.042981-04:00 www2 postfix/qmgr[31914]: B4E4D16403D: > > from=<bagel.kings.of.new.york-ruben=mrbrklyn....@foodbagel.cam>, size=8922, > > nrcpt=1 (queue active) > > 2022-08-21T19:10:27.249320-04:00 www2 postfix/smtpd[19040]: disconnect from > > mail.foodbagel.cam[194.31.205.163] > > You could use a check_sender_access restriction with a regular > expression like this: > > /bagel/ REJECT >
Do I use the map created by the postfix/access file for this? > However, a broad-ish expression like that might be throwing out the baby > with the bathwater (and probably won't perform too well either, since > the expression isn't anchored). I'd recommend more narrowly tailored > rules. > > Assuming your log excerpt is comprehensive you seem to have basically > two types of sender addresses: > > - ones with "bagel" and your e-mail address in the localpart > - ones with bagelkingz.ru.com as the domain part. > > The latter could be handled by simply adding the domain to a plain > access map (don't forget to run postmap after doing so). > > The former could be covered by a regular expression like this: > > /bagel.*=(nylxs|mrbrklyn)\.com@/ REJECT > > Perhaps even anchored (since all the localparts seem to begin with the > word "bagel"): > > /^bagel.*=(nylxs|mrbrklyn)\.com@/ REJECT > > Regards > Ansgar Wiechers > -- > "Abstractions save us time working, but they don't save us time learning." > --Joel Spolsky -- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
