I was looking at how how I might block TLD’s (Top Level Domains) with the POSTFIX MTA and I couldn’t do it using a pcre table – most of the stuff I found used pcre. When I did an apt-get to install it on my Ubuntu Mail Server it wanted to uninstall and upgrade a few dependencies and I was like…wait a minute, what might this break?!
What’s a girl to do? Checking around I found this <– Link to POSTFIX the Definitive Guide where they talk about configuration files. You can use a regexp (regular expression) in a file (the database) to have POSTFIX look at a pattern.
I then found this link on How To Forge where user kephra said they used this:
…but I got errors on the regexp so I ended up using a different syntax from another post (can’t remember where to give them credit) but it looks like this:
So here you can add more lines for TLD’s you want to block. The first example was precise but didn’t work, the next one wasn’t precise but works and I take working over elegantly not working all day long!
Here’s the how to:
Find where POSTFIX IS: whereis postfix
Go to that directory: cd /etc/postfix
Make a backup of your POSTFIX confi file: cp main.cf main.cf.bkp
Edit your POSTFIX conf file: nano main.cf
Add this line:
# Allowed domains
smtpd_sender_restrictions = regexp:/etc/postfix/tld_block
Save the file > we now create the referenced file “tld_block” and edit it:
Add lines of all the TLD’s you want to block:
…and so forth
* You can download my file here (mega block of TLDs): Link
Save the file and restart postfix:
service postfix restart
Watch your log files now: tail -f /var/log/mail.log
…and look for results like this:
“Mar 8 19:58:52 email postfix/smtpd: NOQUEUE: reject: RCPT from usadatacompany4.usa.cc[22.214.171.124]: 554 5.7.1 <firstname.lastname@example.org>: Sender address rejected: Access denied; from=<email@example.com> to=<BingV@signartinc.com> proto=ESMTP helo=<usadatacompany4.usa.cc>”
Sender address REJECTED access denied!
That’s how you know it’s working ACCESS DENIED!