I’ve had a few unwelcome visitors to my mail server and for the most part, the filters I have in place are keeping them at bay. However, there are a few determined bots that whilst not being able to bypass my filters, they do appear too often in my logs to let me just ignore them. They deserve my very specific attention. So, herein the guide to blocking senders by IP address in Postfix:
\nCreate your blacklist in a text file called \/etc\/postfix\/client_checks in the following format:<\/p>\n
39.109.123.121\u00a0 \u00a0 \u00a0REJECT Your IP is blacklisted\n52.175.18.205\u00a0 \u00a0 \u00a0 REJECT Your IP is blacklisted\n112.102.225.21\u00a0 \u00a0 \u00a0REJECT Your IP is blacklisted<\/pre>\n<\/pre>\nAdd this check to \/etc\/postfix\/main.cf:<\/p>\n
smtpd_recipient_restrictions =\n check_client_access cidr:\/etc\/postfix\/client_checks,\n ...<\/pre>\nConvert the file to a hashmap and reload Postfix:<\/p>\n
sudo \/usr\/sbin\/postmap client_checks\nsudo \/usr\/sbin\/postfix reload\n<\/pre>\nNotes:<\/strong>
\n* Check you \/var\/log\/maillog to see if there are any errors caused by your changes
\n* You can also use “OK” lines rather than “REJECT <text>” to permit hosts that are failing checks further down because for example, their sysadmin doesn’t know how to reverse DNS
\n* Further reading: http:\/\/www.postfix.org\/cidr_table.5.html<\/em>
\n*We probably don’t need to generate a hashmap when using “cidr:\/” but it is an old habit I can’t break<\/p>\n","protected":false},"excerpt":{"rendered":"