I’ve had a few unwelcome visitors to my mail server and for the most part, the filters I have in place are keeping them at bay. However, there are a few determined bots that whilst not being able to bypass my filters, they do appear too often in my logs to let me just ignore them. They deserve my very specific attention. So, herein the guide to blocking senders by IP address in Postfix:
Create your blacklist in a text file called /etc/postfix/client_checks in the following format:
39.109.123.121 REJECT Your IP is blacklisted 52.175.18.205 REJECT Your IP is blacklisted 112.102.225.21 REJECT Your IP is blacklisted
Add this check to /etc/postfix/main.cf:
smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/client_checks, ...
Convert the file to a hashmap and reload Postfix:
sudo /usr/sbin/postmap client_checks sudo /usr/sbin/postfix reload
Notes:
* Check you /var/log/maillog to see if there are any errors caused by your changes
* You can also use “OK” lines rather than “REJECT <text>” to permit hosts that are failing checks further down because for example, their sysadmin doesn’t know how to reverse DNS
* Further reading: http://www.postfix.org/cidr_table.5.html
*We probably don’t need to generate a hashmap when using “cidr:/” but it is an old habit I can’t break
