Reject incoming mail to user+extension

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Reject incoming mail to user+extension

@lbutlr
I have a user that uses address extensions quite a lot. one extension she uses has become nothing but spam since her (cancelled) credit card shared the address with advertisers.

She would like to have mail to [hidden email] rejected while not affecting an mail to [hidden email] or [hidden email].

My initial idea was in sender_access.pcre add a line:

/^user\+visa89@domain\.tld$/ 550 No Such User

but when I tried that and sent a test message (to a test account) the message came right through.


Reply | Threaded
Open this post in threaded view
|

Re: Reject incoming mail to user+extension

Viktor Dukhovni
On Mon, Sep 05, 2016 at 01:42:59PM -0600, @lbutlr wrote:

> I have a user that uses address extensions quite a lot. one extension she
> uses has become nothing but spam since her (cancelled) credit card shared
> the address with advertisers.
>
> She would like to have mail to [hidden email] rejected while not
> affecting an mail to [hidden email] or [hidden email].
>
> My initial idea was in sender_access.pcre add a line:
>
> /^user\+visa89@domain\.tld$/ 550 No Such User

Why *sender* access?  That is surely a recipient address.

Secondly, why use regular expressions, when indexed files will do:

    [hidden email] REJECT 5.1.1 Mailbox unavailable

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Reject incoming mail to user+extension

@lbutlr
In reply to this post by @lbutlr
On 05 Sep 2016, at 13:42, @lbutlr <[hidden email]> wrote:
> My initial idea was in sender_access.pcre add a line:

Oh.

 # postconf -f smtpd_recipient_restrictions
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination,
    reject_non_fqdn_sender, reject_non_fqdn_recipient,
    reject_unknown_sender_domain, reject_invalid_hostname,
    reject_unlisted_recipient, reject_unlisted_sender,
    reject_unknown_reverse_client_hostname, check_sender_access
    pcre:$config_directory/sender_access.pcre, check_client_access
    hash:$config_directory/access, permit

 # postconf config_directory
config_directory = /usr/local/etc/postfix
 # ls -ls /usr/local/etc/postfix/sender_access.pcre
8 -rw-r-----  1 root  postfix  705 Sep  5 13:41 /usr/local/etc/postfix/sender_access.pcre

so, right file, right path.

Reply | Threaded
Open this post in threaded view
|

Re: Reject incoming mail to user+extension

/dev/rob0
In reply to this post by @lbutlr
On Mon, Sep 05, 2016 at 01:42:59PM -0600, @lbutlr wrote:
> I have a user that uses address extensions quite a lot. one
> extension she uses has become nothing but spam since her
> (cancelled) credit card shared the address with advertisers.
>
> She would like to have mail to [hidden email]
> rejected while not affecting an mail to [hidden email] or
> [hidden email].
>
> My initial idea was in sender_access.pcre add a line:

It does not have to be pcre; in fact, hash: might be preferable.  
However your filename suggests perhaps you are using
check_sender_access, whereas according to the description
check_recipent_access is what you need.

> /^user\+visa89@domain\.tld$/ 550 No Such User
>
> but when I tried that and sent a test message (to a test
> account) the message came right through.

Insufficient information for an exact answer, but the guess given
sounds quite likely to explain the situation.
--
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Reply | Threaded
Open this post in threaded view
|

Re: Reject incoming mail to user+extension

@lbutlr
In reply to this post by Viktor Dukhovni
On 05 Sep 2016, at 13:48, Viktor Dukhovni <[hidden email]> wrote:
>
> Why *sender* access?  That is surely a recipient address.

I don’t have a recipient_access file. I do have sender_access.prce in stmpd_recipient_restrictions though.

> Secondly, why use regular expressions, when indexed files will do:
>
>    [hidden email] REJECT 5.1.1 Mailbox unavailable

So make a new recipient_access file and add check_recipient_access to smtp_recipient_restrictions?

I’ll give that a go then.



Reply | Threaded
Open this post in threaded view
|

Re: Reject incoming mail to user+extension

@lbutlr
> On 05 Sep 2016, at 13:48, Viktor Dukhovni <[hidden email]> wrote:
>> Why *sender* access?  That is surely a recipient address.

> So make a new recipient_access file and add check_recipient_access to smtp_recipient_restrictions?

Thank you, yes, that sorted it.