Postfix Domain Suffix Blocking issue

  • Just got Postfix and Mailscanner up and working. They're mostly working awesome and blocking all kinds of annoying spam. However there are some emails coming from from non .com domains such as .ru and .eu that my boss would like me to block. I have been trying to block sender addresses with a specific domain suffix in the Postfix Access Lists tab with no luck. In showing what I've tried thus far I'll use the single suffix .ru as an example for the sake of simplicity.

    Initially, in the "Filters while receiving mail" sub section "Headers" I tried adding this line:

    /^From:.*.ru/ REJECT

    This caused all incoming mail to be blocked.
    After this failed I tried putting all of the following lines in the "Sender" subsection separately:

    .ru REJECT
    *@*.ru REJECT
    *.ru REJECT

    Each iteration failed showing no noticeable change in the processing of the included domain suffix.  I've tried using pfBlocker instead however it appears that the senders aren't actually using IP addresses from the country suffixes, just the domains. I would rather have the blocking handled directly in Postfix anyways for logging purposes. Any insights would be helpful and much appreciated.

  • BUMP

  • Maybe someone with more than my extremely limited knowledge of PCRE can answer but don't you need to escape the periods with backslashes?

    /^From:\.*\.ru/ REJECT

    or perhaps that should be

    /^From:.*\.ru/ REJECT
    ```- works for me

  • Thanks for the reply. I was beginning to wonder if I'd ever hear anything about this. Wish I'd seen it sooner, guess I've got my mail notifications turned off.

    I'll give that a try. I've got the new config loaded. It doesn't seem to be blocking everything so thats a good sign at least. I'll guess I'll have to wait for an email from an address with one of the suffixes I'm blocking. At any rate, I'll let you know what I find out. I definitely appreciate the help.

  • Ok. So I created an email address on some freemail site over in Europe. I'm pleased to say that the fix you gave me worked.

    /^From:.*\.ru/ REJECT

    It looks to be blocking the proper domain suffixes. Thanks for the help buddy!  :D

  • Good to hear it worked.

    For future reference this site was very helpful.

Log in to reply