On Tue, August 25, 2020 23:07, Rob McEwen wrote: > Thanks, John Capo, for the suggestions! Honestly, I'm at the end of my rope - > completely burned > out from creating this - desperately needing to catch up in other areas of my > business so that I > can pay my bills. And I have other ideas for how to make this data even > better that I'm trying to > get to asap. So help like this is very appreciated! > > BTW - does Postfix "know" to refresh the data when the files are updated? Or > is there some kind > of command that needs to run to tell Postfix to reload the files? How does > that work?
Postfix loads regex files when a new smtpd instance is started. Running postfix reload or running postmap on a hashed file forces a restart. Ideally the ids would be in an RBL so changes are seen in a minute or so. I pan on adding that capability to my policy server. > ALSO - would it help if I created a separate set of files for Postfix that > are pre-formatted this > way already? Dominic Raferd posted a script that does that. Your time is probably better spent elsewhere. And Paul Stead posted a nice plugin for Spamassassin. John Capo Tuffmail.com > > Thanks! > > > Rob McEwen, invaluement.com > > > > On 8/25/2020 2:26 PM, John Capo wrote: > >> On 2020-08-25 11:42, Matus UHLAR - fantomas wrote: >> >>> >>> well, do we have anything available now to block at SMTP level? - postfix >>> policy server? - >>> milter? >>> >>> >>> so far I have noticed only SA plugins. Which is not bad, but that HUGE >>> advantage is not >>> usable now. >> >> Nothing elegant about this but it was easy to implement. You need to create >> the software >> specific to your MX servers to update the files below from Rob's web site. >> >> Adjust the paths below to your Postfix install >> >> >> Add these entries to your main.cf: >> >> >> smtpd_restriction_classes = sendgrid >> >> >> # Limit senders that are matched with the regexes in sendgrid-ids # sendgrid >> = >> check_sender_access pcre:/usr/local/etc/postfix/maps/sendgrid-ids >> >> >> smtpd_recipient_restrictions = check_sender_access >> hash:/usr/local/etc/postfix/maps/from-sendgrid >> >> >> Create a file like this from the senders in >> https://www.invaluement.com/spdata/sendgrid-envelopefromdomain-dnsbl.txt >> >> >> sendgrid.net sendgrid appliedaicourse.com sendgrid bithumbcorp.email >> sendgrid >> bitline.life sendgrid bureausveritas.com sendgrid caractere.ro >> sendgrid >> craftsgenerals.com sendgrid dalvry.com sendgrid ... >> >> >> Name it from-sendgrid and place it in your Postfix directory postmap >> from-sendgrid >> >> Create a file like this from the ids in >> https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt >> >> >> /^bounces\+2191708-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid >> account >> /^bounces\+4227563-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid >> account >> /^bounces\+13780591-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid >> account >> /^bounces\+10163588-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid >> account >> /^bounces\+10180020-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid >> account ... >> >> >> Name it sendgrid-ids and place it in your Postfix directory >> >> >> postfix reload >> >> John Capo Tuffmail.com >> >> > > -- Rob McEwen https://www.invaluement.com +1 (478) 475-9032 > > > >
