Thanks, John Capo, for the suggestions! Honestly, I'm at the end of my
rope - completely burned out from creating this - desperately needing to
catch up in other areas of my business so that I can pay my bills. And I
have other ideas for how to make this data even better that I'm trying
to get to asap. So help like this is very appreciated!
BTW - does Postfix "know" to refresh the data when the files are
updated? Or is there some kind of command that needs to run to tell
Postfix to reload the files? How does that work? ALSO - would it help if
I created a separate set of files for Postfix that are pre-formatted
this way already?
Thanks!
Rob McEwen, invaluement.com
On 8/25/2020 2:26 PM, John Capo wrote:
On 2020-08-25 11:42, Matus UHLAR - fantomas wrote:
well, do we have anything available now to block at SMTP level?
- postfix policy server?
- milter?
so far I have noticed only SA plugins. Which is not bad, but that HUGE
advantage is not usable now.
Nothing elegant about this but it was easy to implement. You need to
create the software specific to your MX servers to update the files
below from Rob's web site.
Adjust the paths below to your Postfix install
Add these entries to your main.cf:
smtpd_restriction_classes =
sendgrid
# Limit senders that are matched with the regexes in sendgrid-ids
#
sendgrid =
check_sender_access pcre:/usr/local/etc/postfix/maps/sendgrid-ids
smtpd_recipient_restrictions =
check_sender_access hash:/usr/local/etc/postfix/maps/from-sendgrid
Create a file like this from the senders in
https://www.invaluement.com/spdata/sendgrid-envelopefromdomain-dnsbl.txt
sendgrid.net sendgrid
appliedaicourse.com sendgrid
bithumbcorp.email sendgrid
bitline.life sendgrid
bureausveritas.com sendgrid
caractere.ro sendgrid
craftsgenerals.com sendgrid
dalvry.com sendgrid
...
Name it from-sendgrid and place it in your Postfix directory
postmap from-sendgrid
Create a file like this from the ids in
https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt
/^bounces\+2191708-[0-9a-f]{4}-/ REJECT Phish from compromised
Sendgrid account
/^bounces\+4227563-[0-9a-f]{4}-/ REJECT Phish from compromised
Sendgrid account
/^bounces\+13780591-[0-9a-f]{4}-/ REJECT Phish from compromised
Sendgrid account
/^bounces\+10163588-[0-9a-f]{4}-/ REJECT Phish from compromised
Sendgrid account
/^bounces\+10180020-[0-9a-f]{4}-/ REJECT Phish from compromised
Sendgrid account
...
Name it sendgrid-ids and place it in your Postfix directory
postfix reload
John Capo
Tuffmail.com
--
Rob McEwen
https://www.invaluement.com
+1 (478) 475-9032
