Fwiw I keep a pre-queue instance of milter-regex
https://www.benzedrine.ch/milter-regex.html
in place, for just such 'emergencies', as well as longer-term header
match/action.
Although it's a bit long in the tooth, and not actively supported, it still
works well enough.
It's a clean, easy c
Thanks. I went with:
IF /^Message-id:/
/@qq\.com/ Reject
ENDIF
It's not all that pretty, but it works fine. I have been watching the logs and
those messages are now being rejected. Thanks for all the help.
-- Doug
> On 7 September 2017, at 15:50, pgndev wrote:
>
> I missed the "messa
I missed the "message id" ...
You should be able to match/block any valid header name.
Add it to, or replace, what's in the match -- up to you. Personally, I've
never received a valid email from 'anything' @qq.com. YMMV.
If you're shutting down a flood, more extreme, blunt instrument measures
> On 7 September 2017, at 15:28, pgndev wrote:
>
> It ain't pretty, or recommended for the long term, but something like this
> should slow it down
>
> /etc/postfix/main.cf
> header_checks = pcre:/etc/postfix/header_checks.pcre
>
> /etc/postfix/header_checks.pcre
> IF
It ain't pretty, or recommended for the long term, but something like this
should slow it down
/etc/postfix/main.cf
header_checks = pcre:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.pcre
IF /^(To|From|Cc|Reply-To|Sender|Return-Path): /
/@qq\.com/i R
My server is being hit pretty hard by spam from China. Every email is from a
different IP address. The only common item is the message id ends in @qq.com.
Is there any way to block those with that ID?
-- Doug
