Blocking Spammers by IP address in Postfix

I’ve had a few unwelcome visitors to my mail server and for the most part, the filters I have in place are keeping them at bay. However, there are a few determined bots that whilst not being able to bypass my filters, they do appear too often in my logs to let me just ignore them. They deserve my very specific attention. So, herein the guide to blocking senders by IP address in Postfix:

Create your blacklist in a text file called /etc/postfix/client_checks in the following format:

39.109.123.121     REJECT Your IP is blacklisted
52.175.18.205      REJECT Your IP is blacklisted
112.102.225.21     REJECT Your IP is blacklisted

Add this check to /etc/postfix/main.cf:

smtpd_recipient_restrictions =
 check_client_access cidr:/etc/postfix/client_checks,
 ...

Convert the file to a hashmap and reload Postfix:

sudo /usr/sbin/postmap client_checks
sudo /usr/sbin/postfix reload

Notes:

* Check you /var/log/maillog to see if there are any errors caused by your changes
* You can also use “OK” lines rather than “REJECT <text>” to permit hosts that are failing checks further down because for example, their sysadmin doesn’t know how to reverse DNS
* Further reading: http://www.postfix.org/cidr_table.5.html
*We probably don’t need to generate a hashmap when using “cidr:/” but it is an old habit I can’t break

Leave a Reply