- Tony Earnshaw wrote:
> Carlos Eduardo R. L. de Miranda wrote:Note that
>> Our server is receiving lots of spam messages from servers with Russian
>> I would like to block every message from Russian domains.
>> Postfix 2.3.3 - Fedora Core 6
>> smtpd_sender_restrictions = check_sender_access
>> reject_non_fqdn_sender, reject_unknown_sender_domain
>> sender file:
>> /.*@*\.ru$/ REJECT text message
> The above is wrong and obviously won't block anything from anyone. Do
> you see why? Look again!
> This will work (tested with pcretest):
is almost equivalent to
assuming one doesn't accept nonfqnd addresses,
would block more than the posted expression. or if you think there will
be a tld ending in ru other than .ru, then
but as you say, the sender tld won't help much... OP may want a geo
DNSBL such as blackholes.us (Is this still maintained?).
- Quoth mouss ...
> Jorey Bump wrote:Simpler still, and requiring less horsepower ... get the country IP
> > Carlos Eduardo R. L. de Miranda wrote:
> >> Our server is receiving lots of spam messages from servers
> >> with Russian domain.
> >> I would like to block every message from Russian domains.
> > If you must block by country, use an RBL:
> > http://countries.nerd.dk/
> > However, I find such RBLs more useful in a scoring system.
> > Here's what
> > I do in my SpamAssassin local.cf (watch the wrap):
> > # first discover country code of origin using a TXT lookup
> > header RCVD_COUNTRIES eval:check_rbl_txt('nerd-zz',
> > 'zz.countries.nerd.dk.')
> > describe RCVD_COUNTRIES Received from countries.nerd.dk
> > tflags RCVD_COUNTRIES net
> > # All countries get a point by default
> > score RCVD_COUNTRIES 1.0
> Instead of querying a DNSBL:
> loadplugin Mail::SpamAssassin::Plugin::RelayCountry
> header COUNTRY_US X-Relay-Countries=~/\bUS\b/
> describe COUNTRY_US Relayed via United States
> score COUNTRY_US 0.01
assignments from http://completewhois.com in a form suitable for use with
your firewall, and block port 25 (or everthing) to packets coming from those
address blocks. This isn't perfect, but if applied selectively, it really,
really cuts down on the crap.
I don't see a lot of spam delivered by servers at Russian domains, although
I see a lot of spam with forged Russian "from" addresses.
- Tony Earnshaw wrote:
>His mail has two Message-Id headers.
> BTW my MUA (Thunderbird 184.108.40.206) keeps breaking your MS Outlook 11
> thread, I don't know why ...
- 1:47am mouss said:
> Tony Earnshaw wrote:Received: from .* by BAY110-DAV4.phx.gbl with DAV;
> > BTW my MUA (Thunderbird 220.127.116.11) keeps breaking your MS Outlook 11 thread, I
> > don't know why ...
> His mail has two Message-Id headers.
> Message-ID: <BAY110-DAV4BED20C8242739035454BBADA0@...>
> Message-ID: <004401c71547$d0829ab0$7400a8c0@ws1>
> broken setup...
Indeed, the offending relay appears to have been MSN/Hotmail using WebDAV
for email submission.
- Hi all2006/12/1, Carlos Eduardo R. L. de Miranda <cerlm@...>:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender,
/.*@*\.ru$/ REJECT text message
Command: postmap /etc/postfix/sender
Service postfix reload
It is no working. The *.ru domains are accepted and delivered to user.
Lots of responses, but there's something I cannot see. If you are using regular expressions, you must use regexp: or pcre: type maps for regular expressions to be evaluated. If you use HASH, afaik it wouldn't work.