Blacklisting tld in postfix

postfix

In my postfix setup I want to "disable" all incoming mail from a specific TLD domain (in my case, all domains ending with ".info"). My usual way to block domains is using a hashed file in /etc/postfix/rejected_domains, that looks like this

[...]
bla.info     REJECT Spam
blubb.info   REJECT More Spam!
[...]

and having this piece of configuration in my main.cf file:

# domains to be restricted
smtpd_sender_restrictions = hash:/etc/postfix/rejected_domains
reject_unauth_destinations = hash:/etc/postfix/rejected_domains

My idea to block all of info was adding these rules into the above file:

*.info  REJECT Toooo much spam
.info   REJECT Toooo much spam

Unluckily this does not seem to work.

Using postfix 2.8.5-2~build0.10.04 on Ubuntu LTS 10 here.


Solution 1:

Hash is for literals (exact matches), you want to use regex or pcre:

as Overmind pointed out, you want to append these if you already have values, you can check you existing values with

postconf smtpd_sender_restrictions
postconf reject_unauth_destinations

Then you can override them with:

postconf -e smtpd_sender_restrictions=pcre:/etc/postfix/rejected_domains
postconf -e reject_unauth_destinations=pcre:/etc/postfix/rejected_domains

contents of /etc/postfix/rejected_domains:

/\.info$/           REJECT All Info Domains

and then postfix reload

Related

Why does this Nginx config result in "rewrite or internal redirection cycle"
What shebang for Anaconda Python on my directory of Server
where is systemctl command in redhat 6.6 64 bit OS?
nginx fails to start on boot with systemd on Ubuntu 15.04 and 15.10
Run Perl CGI Scripts On CentOS 7 With Apache/Httpd
Hyper-V Virtual Switches and DHCP
IIS 7.5 - can't configure two SSL Certificates under one IP-adress?
Resize kubernetes cluster with a different machine type?
How to connect postgresql with LDAP user?
Making HAProxy Pass a Host Name in HTTPCHECK
Does nginx really need dac_override in its AppArmor policy?
dhclient doesn't set default gateway