# In need of quick postfix domain blocking....

## g4dave

I am trying to upgrade out E-Mail server at work to Gentoo 1.4 running postfix.  The old E-Mail server is running sendmail with a flat text file of about 200 or so domains that I reject E-Mail from.  Is there a flat text file I can edit in Postfix to deny these known spam senders?  I looked on Google and all I get is some wacky configuration items that I cannot figure out.  Can anyone tell me what files exactly I need to edit and what to add to them?  I looked at SpamAssassin and sounds like it would be cool, but I don't like the idea of it filtering our outgoing E-Mail too.  Might break some of the bosses outgoing mail or something.  

Any other ideas on how to block Spam from known domains?

-Dave

****

Feel free to E-Mail me at anon1981@hotmail.com!  Just leave the SUBJECT: field BLANK or it goes directly to TRASH.

****

----------

## mglauche

its in the postfix manual  :Smile:  http://www.postfix.org/uce.html#smtpd_client_restrictions

by the way, its not a good idea to run gentoo 1.4 on the mailserver  :Razz:  things can and will probably break, which is not good for a mailserver  :Wink: 

(besides, 1.4 does not offer much more to a mailserver than 1.2 does ... in opposite to kde  :Wink: 

----------

## trapni

 *mglauche wrote:*   

> by the way, its not a good idea to run gentoo 1.4 on the mailserver  things can and will probably break, which is not good for a mailserver 
> 
> (besides, 1.4 does not offer much more to a mailserver than 1.2 does ... in opposite to kde 

 Well, I've upgraded our SOHO Server from Gentoo 1.3b to 1.4beta, too. This was primary because of gcc 3.2 (pre). I really had no problems yet, only the INN (nntp server broke on compile *args*), but everything else works well, even on run time.

I need a non gcc3 system, since it doesn't compile my very own sources I wrote for Apache. (gcc2 is simply to old)

Greets,

Christian Parpart.

----------

## rizzo

Does postfix let you use the various public blacklists, like sendmail does?  I will be changing my mailserver from sendmail to postfix, and I use those public blacklists for spam/uce blocking.

----------

## trapni

 *rizzo wrote:*   

> Does postfix let you use the various public blacklists, like sendmail does?  I will be changing my mailserver from sendmail to postfix, and I use those public blacklists for spam/uce blocking.

 If you got the answer elsewhere, please let me know, because I switched from sendmail to postfix too. But this was because sendmail doesn't support maildir folders.

Having a spam blocker would be really very helpfull  :Wink: 

Thanks,

Christian Parpart.

----------

## rizzo

In particular I use the MAPS RBL.  Their product endorsement page doesn't list postfix in there.  Again, if anyone has done this or knows of a work-around, please chime in.

----------

## trapni

Some things I found by googling around:

http://sdb.suse.de/en/sdb/html/rsimai_imap_content_filter.html

This describes it for its SuSE eMail Server III, but it seems to use the postfix as its backend. By scrolling down you can find something about how to implement blacklists  :Wink: 

and http://www.postfix.org/uce.html informs about RBLs (realtime black lists) too.

So, I'll read'em now too  :Razz: 

Greets,

Christian Parpart.

----------

## rizzo

Yes I just found this on the MAPS DUL page, but it applies to the RBL:

 *Quote:*   

> 
> 
> Postfix
> 
> Oliver Robert made an example config for Postfix but it changed with the latest known Postfix (20010228_pl03). The following example is valid for the 20010228_pl03 version:
> ...

 

----------

## trapni

Hi rizzo,

okay here I found nearly the same,

I added into main.cf:

```
smtpd_helo_restrictions = reject_maps_rbl

maps_rbl_domains = blackholes.mail-abuse.org, relays.osirusoft.com

```

I now added also your abuse hosts you posted and added the client restriction - restarted and pray that it works  :Smile: 

Greets,

Christian Parpart.

----------

## eivinn

For this to work you need to add the lines presented by trapni.

To test your setup you also need to add server

```
sbl.spamhaus.org
```

to maps_rbl_domains

Then you need to

```
postfix reload
```

To test your configuration you send an e-mail to nelson-SBL-test@crynwr.com from your domain.

If, or if not, successful you will recieve a message describing what happened...   :Razz: 

----------

