I was looking at how I might block TLDs (Top Level Domains) with the POSTFIX MTA and I couldn’t do it using a pcre table – most of the stuff I found used pcre. When I did an apt-get to install it on my Ubuntu Mail Server it wanted to uninstall and upgrade a few dependencies and I was like…wait a minute, what might this break?!
What’s a girl to do? Checking around I found POSTFIX the Definitive Guide, where they talk about configuration files. You can use a regexp (regular expression) in a file (the database) to have POSTFIX look at a pattern.
I then found this link on How To Forge where user kephra said they used this:
“/(from|reply-to|helo).+?<.+?(\.\w+(?<!com|org|net|edu|gov)>)/ REJECT”
…but I got errors on the regexp so I ended up using a different syntax from another post (can’t remember where to give them credit) but it looks like this:
/\.aaa$/ REJECT
So here you can add more lines for TLDs you want to block. The first example was precise but didn’t work; the next one wasn’t precise but works, and I take working over elegantly not working all day long!
Here’s the how to:
Find where POSTFIX IS: whereis postfix
Go to that directory: cd /etc/postfix
Make a backup of your POSTFIX conf file: cp main.cf main.cf.bkp
Edit your POSTFIX conf file: nano main.cf
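Add this line (if main.cf already sets smtpd_sender_restrictions, add the regexp: entry to that existing line instead; Postfix only uses the last definition of a parameter):
# Block sender addresses by TLD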
smtpd_sender_restrictions = regexp:/etc/postfix/tld_block
Save the file. Now create the referenced file “tld_block” and edit it:
touch tld_block
nano tld_block
Add lines of all the TLDs you want to block:
/\.aaa$/ REJECT
/\.aarp$/ REJECT
/\.abarth$/ REJECT
…and so forth
* You can download my file here (mega block of TLDs): Link
Save the file and restart postfix:
service postfix restart
Done
Watch your log files now: tail -f /var/log/mail.log
…and look for results like this:
“Mar 8 19:58:52 email postfix/smtpd[4018]: NOQUEUE: reject: RCPT from usadatacompany4.usa.cc[138.68.87.13]: 554 5.7.1 <donotreply@lifestylecompanyinc.cc>: Sender address rejected: Access denied; from=<donotreply@lifestylecompanyinc.cc> to=<BingV@signartinc.com> proto=ESMTP helo=<usadatacompany4.usa.cc>”
Sender address REJECTED access denied!
That’s how you know it’s working: ACCESS DENIED!
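Before restarting, it helps to check that the table matches what you expect. The script below is an added example, not part of the original post: it generates tld_block lines from a TLD list and tests sample sender addresses against them. The function names and the example.* addresses are made up, and grep -E stands in for Postfix's own matching.

```shell
#!/bin/sh
# Added example: build the tld_block table from a TLD list and dry-run
# sender addresses against it. Function names here are made up.

# gen_tld_table: one TLD per line on stdin -> "/\.tld$/ REJECT" lines.
# Input that is not a plain DNS label is skipped, so no regex
# metacharacter from a downloaded list ends up in the table.
gen_tld_table() {
    while IFS= read -r tld || [ -n "$tld" ]; do
        tld=$(printf '%s' "$tld" | tr 'A-Z' 'a-z' | tr -d ' \t\r')
        tld=${tld#.}                       # accept ".aaa" as well as "aaa"
        case "$tld" in
            ''|'#'*) continue ;;           # blank line or comment
            *[!a-z0-9-]*) echo "skipping invalid TLD: $tld" >&2; continue ;;
        esac
        printf '/\\.%s$/ REJECT\n' "$tld"
    done
    return 0
}

# lookup TABLE ADDRESS: approximates a regexp: table lookup with grep -E.
# Patterns are tried top to bottom, case-insensitively (the regexp: table
# default); the first match's action is printed. Returns 1 on no match.
lookup() {
    while IFS= read -r line; do
        case "$line" in ''|'#'*) continue ;; esac
        pat=${line#/}                      # drop the opening slash
        action=${pat##*/ }                 # text after the closing "/ "
        pat=${pat%/ *}                     # regex between the slashes
        if printf '%s\n' "$2" | grep -Eiq -- "$pat"; then
            printf '%s\n' "$action"
            return 0
        fi
    done < "$1"
    return 1
}

# Constructed sample data: a short TLD list and three sender addresses.
table=$(mktemp)
printf '%s\n' aaa .AARP '# note' 'bad|tld' abarth | gen_tld_table > "$table"
for addr in donotreply@example.aaa User@Example.AARP someone@example.com; do
    printf '%s -> %s\n' "$addr" "$(lookup "$table" "$addr" || echo 'no match')"
done
rm -f "$table"
# On the mail server, ask Postfix itself before restarting:
#   postmap -q "donotreply@example.aaa" regexp:/etc/postfix/tld_block
```

postmap -q prints REJECT for an address the table blocks and prints nothing for one it lets through.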