I have a check to reject 'fancy TLDs' as below
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access pcre:/etc/postfix/sender_pcre, check_sender_access pcre:/etc/postfix/reject_domains cat /etc/postfix/reject_domains /\.bid$/ REJECT We reject all .bid domains /\.biz$/ REJECT We reject all .biz domains ... that works well, but, now have a user who gets a valid inbound rejected Dec 16 15:06:14 postfix/smtpd[8695]: NOQUEUE: reject: RCPT from mail-sy4aus01on2077.outbound.protection.outlook.com[40.107.107.77]: 554 5.7.1 <[hidden email]>: Sender address rejected: We reject all .biz domains; from=<[hidden email]> to=<recipient@tld> proto=ESMTP helo=<AUS01-SY4-obe.outbound.protection.outlook.com> is there an easy way, and how, to exempt a specified domain like 'abcd.biz' from my sender restriction ? thanks, V |
On 16/12/2020 11:07, [hidden email] wrote:
> I have a check to reject 'fancy TLDs' as below > > smtpd_sender_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > check_sender_access pcre:/etc/postfix/sender_pcre, > check_sender_access pcre:/etc/postfix/reject_domains > > cat /etc/postfix/reject_domains > /\.bid$/ REJECT We reject all .bid domains > /\.biz$/ REJECT We reject all .biz domains > ... > > that works well, but, now have a user who gets a valid inbound rejected > > Dec 16 15:06:14 postfix/smtpd[8695]: NOQUEUE: reject: RCPT from > mail-sy4aus01on2077.outbound.protection.outlook.com[40.107.107.77]: 554 > 5.7.1 <[hidden email]>: Sender address rejected: We reject all .biz > domains; from=<[hidden email]> to=<recipient@tld> proto=ESMTP > helo=<AUS01-SY4-obe.outbound.protection.outlook.com> > > is there an easy way, and how, to exempt a specified domain like > 'abcd.biz' from my sender restriction ? /etc/postfix/reject_domains: /@abcd\.biz$/ DUNNO /\.bid$/ REJECT We reject all .bid domains /\.biz$/ REJECT We reject all .biz domains |
On 16 Dec 2020, at 04:14, Dominic Raferd <[hidden email]> wrote:
> /etc/postfix/reject_domains: > > /@abcd\.biz$/ DUNNO > /\.bid$/ REJECT We reject all .bid domains > /\.biz$/ REJECT We reject all .biz domains I do this: /.*automators\.fm$/ DUNNO /.*counter\.social/ DUNNO /.*ometria.email/ DUNNO /.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ DUNNO /.*\.*$/ 550 Mail to or from this TLD is not allowed Fourth line passes all the "good" TLDs that I accept mail from, based on my server's mail. The first three accept specific domains. The last tells everyone else to go away, and why. This means I do not need to keep track of the new TLDs that are being created every day to firehose more spam, they simply get dropped almost immediately. -- IT'S POTATO, NOT POTATOE Bart chalkboard Ep. 7F01 |
Dnia 18.12.2020 o godz. 06:38:32 @lbutlr pisze:
> /.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ DUNNO > /.*\.*$/ 550 Mail to or from this TLD is not allowed Should I feel offended that Poland does not exist for you? ;) -- Regards, Jaroslaw Rafa [hidden email] -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." |
In reply to this post by lists-3
On Wed, Dec 16, 2020 at 10:07:39PM +1100, [hidden email] wrote:
> that works well, but, now have a user who gets a valid inbound rejected > > Dec 16 15:06:14 postfix/smtpd[8695]: NOQUEUE: reject: RCPT from > mail-sy4aus01on2077.outbound.protection.outlook.com[40.107.107.77]: 554 > 5.7.1 <[hidden email]>: Sender address rejected: We reject all .biz > domains; from=<[hidden email]> to=<recipient@tld> proto=ESMTP > helo=<AUS01-SY4-obe.outbound.protection.outlook.com> > > is there an easy way, and how, to exempt a specified domain like > 'abcd.biz' from my sender restriction ? Exceptions via "DUNNO", as noted by others, are of course an option, but far better to not impose such crude measures, and not block entire TLDs. The ".biz" TLD is now well established, and not dramatically more prone to abuse than the others. Best to rely on a couple of decent RBLs and a spam-classifying content filter or milter. -- Viktor. |
In reply to this post by Jaroslaw Rafa
On 18 Dec 2020, at 07:54, Jaroslaw Rafa <[hidden email]> wrote:
> Dnia 18.12.2020 o godz. 06:38:32 @lbutlr pisze: >> /.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ DUNNO >> /.*\.*$/ 550 Mail to or from this TLD is not allowed > > Should I feel offended that Poland does not exist for you? ;) It has nothing to do with exists or not, it has to do with the mail my server receives. -- Ninety percent of true love is acute, ear-burning embarrassment. --Wyrd Sisters |
Free forum by Nabble | Edit this page |