Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Postfix Domain Suffix Blocking issue

    pfSense Packages
    2
    6
    1242
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rusty91 last edited by

      Just got Postfix and Mailscanner up and working. They're mostly working awesome and blocking all kinds of annoying spam. However there are some emails coming from from non .com domains such as .ru and .eu that my boss would like me to block. I have been trying to block sender addresses with a specific domain suffix in the Postfix Access Lists tab with no luck. In showing what I've tried thus far I'll use the single suffix .ru as an example for the sake of simplicity.

      Initially, in the "Filters while receiving mail" sub section "Headers" I tried adding this line:

      /^From:.*.ru/ REJECT

      This caused all incoming mail to be blocked.
      After this failed I tried putting all of the following lines in the "Sender" subsection separately:

      .ru REJECT

      *@*.ru REJECT

      *.ru REJECT

      Each iteration failed showing no noticeable change in the processing of the included domain suffix.  I've tried using pfBlocker instead however it appears that the senders aren't actually using IP addresses from the country suffixes, just the domains. I would rather have the blocking handled directly in Postfix anyways for logging purposes. Any insights would be helpful and much appreciated.

      1 Reply Last reply Reply Quote 0
      • R
        rusty91 last edited by

        BUMP

        1 Reply Last reply Reply Quote 0
        • B
          biggsy last edited by

          Maybe someone with more than my extremely limited knowledge of PCRE can answer but don't you need to escape the periods with backslashes?

          /^From:\.*\.ru/ REJECT

          or perhaps that should be

          /^From:.*\.ru/ REJECT
```- works for me
          1 Reply Last reply Reply Quote 0
          • R
            rusty91 last edited by

            Thanks for the reply. I was beginning to wonder if I'd ever hear anything about this. Wish I'd seen it sooner, guess I've got my mail notifications turned off.

            I'll give that a try. I've got the new config loaded. It doesn't seem to be blocking everything so thats a good sign at least. I'll guess I'll have to wait for an email from an address with one of the suffixes I'm blocking. At any rate, I'll let you know what I find out. I definitely appreciate the help.

            1 Reply Last reply Reply Quote 0
            • R
              rusty91 last edited by

              Ok. So I created an email address on some freemail site over in Europe. I'm pleased to say that the fix you gave me worked.

              /^From:.*\.ru/ REJECT

              It looks to be blocking the proper domain suffixes. Thanks for the help buddy!  :D

              1 Reply Last reply Reply Quote 0
              • B
                biggsy last edited by

                Good to hear it worked.

                For future reference this site was very helpful.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy