Here is how you can improve your Postfix access maps in order to block incoming spam based on sender’s address.<\/p>\n
<\/p>\n
Using your mail client, move junk emails to the Junk folder (Whether you filter mail manually or with the help of spam filters is entirely up to you).<\/p>\n
In the command line of your mail server, navigate to the mail directory down to the junk folder that contains unwanted mail (typically it’s a subdirectory named either “new” or “cur”).<\/p>\n
In the folder that contains the spam you want to run through your access maps file or header checks file, create these new directories:<\/p>\n
mkdir temp<\/pre>\nThis directory will hold the individual mails that are yet to be processed.<\/p>\n
mkdir done<\/pre>\nThis directory will hold the individual mails that have already been processed (until you delete them).<\/p>\n
Move the spam to the temp directory.<\/p>\n
Step 4. Mark mail from unrecognized senders with DUNNO<\/h4>\n
In the file which is referenced as your access sender maps table (e.g. \/etc\/postfix\/access_maps\/pcre_access_sender) in \/etc\/postfix\/main.cf, enter this line after all other rules:<\/p>\n
\/^From:.+($|>)\/ DUNNO<\/pre>\nThis line will log the message “DUNNO” for each unknown sender address indicating that Postfix cannot decide what to do with that particular message based on MAIL FROM.<\/p>\n
Step 5. Run each spam message through postmap<\/h4>\n
At the prompt, enter this line (after adjusting for the path to your header checks or access maps file):<\/p>\n
for f in temp\/*; do echo \"Processing $f ... please wait...\"; (postmap -q - pcre:\/etc\/postfix\/access_maps\/pcre_access_sender < $f) >> logs_pcre_access_sender; mv $f done\/; done<\/pre>\nThis little one-liner will:<\/p>\n
It will, however, limit checks to the access maps table for senders’ addresses. (You may want to repeat Step 3 and 4 for other types of restrictions.)<\/p>\n
The result will be written to logs_pcre_access_sender (in your current working directory).<\/p>\n
Grep in logs_pcre_access_sender for DUNNO to find all undesirable senders:<\/p>\n
grep -i DUNNO logs_pcre_access_sender >> DUNNOs<\/pre>\nYou can extract these very easily using regex and add them to your access restrictions.<\/p>\n
Step 6. Extract domain names and convert them into regular expressions<\/h4>\n
Strip the file containing unrecognized senders of all irrelevant characters leaving only the offending domain names in place.<\/p>\n
In Notepad++, run a replacement\u00a0using regular expressions. Search for the pattern:<\/p>\n
^(.+)\\.(.+)<\/p>\n
Replace each occurrence of this pattern with:<\/p>\n
\/[@\\\\.]+\\($1\\\\.$2\\)\\($|>\\)\/ DISCARD sender's domain name rejected : [\\$1]<\/pre>\nThis will turn your list of domains:<\/p>\n
domainname1.tld\r\ndomainname2.tld\r\ndomainname3.tld<\/pre>\ninto a list of regular expressions for domain-level blocking in Postfix which you can enter into a regex: or pcre: access map table:<\/p>\n
\/[@\\.]+(domainname1\\.com)($|>)\/ DISCARD sender's domain name rejected : [$1]\r\n\/[@\\.]+(domainname2\\.com)($|>)\/ DISCARD sender's domain name rejected : [$1]\r\n\/[@\\.]+(domainname3\\.com)($|>)\/ DISCARD sender's domain name rejected : [$1]<\/pre>\nTip: Before pasting from Notepad++ into PuTTY, perform an EOL conversion to the Windows standard.<\/p>\n
Step 7. Test your regex and reload or restart Postfix<\/h4>\n
Remember to test your regex using:<\/p>\n
postmap -q '<yadayada@domainname1.com>' pcre:\/etc\/postfix\/access_maps\/pcre_access_sender<\/pre>\nIf it works, run:<\/p>\n
postfix reload<\/pre>\nor<\/p>\n
systemctl restart postfix<\/pre>\nTip: Sifting through log files can be cumbersome. If you want to cut to the chase and see just the most relevant output, you can use:<\/p>\n
egrep '(warning|error|fatal|panic):' \/var\/log\/maillog | more<\/pre>\n<\/p>\n","protected":false},"excerpt":{"rendered":"
Here is how you can improve your Postfix access maps in order to block incoming spam based on sender’s address.<\/p>\n","protected":false},"author":1,"featured_media":1289,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[16,2],"tags":[32,5,11,10,4],"yoast_head":"\n
Optimizing Postfix access maps to block incoming spam based on sender's address - CloudInsidr<\/title>\n<meta name=\"robots\" content=\"index, follow\" \/>\n<meta name=\"googlebot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta name=\"bingbot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Optimizing Postfix access maps to block incoming spam based on sender's address - CloudInsidr\" \/>\n<meta property=\"og:description\" content=\"Here is how you can improve your Postfix access maps in order to block incoming spam based on sender’s address.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/\" \/>\n<meta property=\"og:site_name\" content=\"CloudInsidr\" \/>\n<meta property=\"article:published_time\" content=\"2016-08-12T03:56:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2016-09-22T04:50:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cloudinsidr.com\/content\/wp-content\/uploads\/2016\/08\/Postfix_logo-e1474460602587.png\" \/>\n\t<meta property=\"og:image:width\" content=\"830\" \/>\n\t<meta property=\"og:image:height\" content=\"458\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#website\",\"url\":\"https:\/\/www.cloudinsidr.com\/content\/\",\"name\":\"CloudInsidr\",\"description\":\"Cyber security, infotech\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/www.cloudinsidr.com\/content\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.cloudinsidr.com\/content\/wp-content\/uploads\/2016\/08\/Postfix_logo-e1474460602587.png\",\"width\":830,\"height\":458,\"caption\":\"Postfix, the official logo\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/#webpage\",\"url\":\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/\",\"name\":\"Optimizing Postfix access maps to block incoming spam based on sender's address - CloudInsidr\",\"isPartOf\":{\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/#primaryimage\"},\"datePublished\":\"2016-08-12T03:56:02+00:00\",\"dateModified\":\"2016-09-22T04:50:05+00:00\",\"author\":{\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#\/schema\/person\/dd6ee9cb21cf05763fd7cff3d6f11b2b\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cloudinsidr.com\/content\/optimizing-postfix-access-maps-to-block-incoming-spam-based-on-senders-address\/\"]}]},{\"@type\":[\"Person\"],\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#\/schema\/person\/dd6ee9cb21cf05763fd7cff3d6f11b2b\",\"name\":\"Cloud Insidr\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8b2fa1415b3d573b97d818b8f8f83b7c?s=96&d=mm&r=g\",\"caption\":\"Cloud Insidr\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts\/1267"}],"collection":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/comments?post=1267"}],"version-history":[{"count":8,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts\/1267\/revisions"}],"predecessor-version":[{"id":1275,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts\/1267\/revisions\/1275"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/media\/1289"}],"wp:attachment":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/media?parent=1267"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/categories?post=1267"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/tags?post=1267"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}