Hi,
TLDR:
I have a persistent spammer getting through after making all the changes below.
In sender_access I have tried all off the following but am still getting spam.
Am I missing something or have I made a mistake somewhere?.
I would like to just nuke anything from that domain (and this works fine for my other entries)
/^hergivenhair\.com$/ DISCARD
.hergivenhair.com DISCARD
hergivenhair.com DISCARD
spammer1@hergivenhair.com DISCARD
spammer3@hergivenhair.com DISCARD
spammer2@hergivenhair.com DISCARD
Background
I am running MIAB v57 (I am holding off upgrading for now) but its otherwise fully patched.
We have some persistent spammers and while I am getting users to move to SPAM and I checked thats is learning, some are still getting through.
To date I have solved this by following the excellent guides here and adding persistent offenders to my sender_access file then processing.
This works 99.9% of the time but I have one getting through (however any others listed are all DISCARDed as expected) - initially it was due to them changing the user@ they were sending from so I changed my method and I think I am blocking both the domain and the email address by using the following
To layout the steps I have taken.
Edit main.cf:
$ sudo nano /etc/postfix/main.cf
Add the check_sender_access table to [smtpd_relay_restrictions]Postfix Configuration Parameters):
(Example of the updated line is below - see the ending)
smtpd_relay_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_sender_access hash:/etc/postfix/sender_access
edit the rules list file and add offenders
sudo nano /etc/postfix/sender_access
Eg add to the file the desired action or actions:
username@example.com DISCARD
example.net DISCARD
Create/update the database hashed file
sudo postmap /etc/postfix/sender_access
Then restart postfix/server.
sudo service postfix restart
