On Sun, Jun 16, 2024 at 10:06:41AM -0400, Wietse Venema via Postfix-users wrote:
> John R. Levine via Postfix-users:
> > On Sat, 15 Jun 2024, Jeff Peng wrote:
> > > I think postscreen can block them easily.
> >
> > I'm looking at the postscreen man page and I don't see anything about mail
> > addresses. Am I missing something?
>
> That is a bad suggestion, please ignore.
>
> > I do see smtpd_command_filter. How about if I map MAIL FROM:<badname> to
> > QUIT?
>
> That would do the job. With regexp: or pcre: tables you may save
> some CPU cycles with:
>
> # Don't indent text between IF and ENDIF.
> IF /^MAIL FROM:/
> /^MAIL FROM:<badstuff>/ QUIT
> /^MAIL FROM:<badstuff>/ QUIT
> ...
> ENDIF
What's wrong with simple literall access(5) checks on the envelope
sender, one then also gets to log the rejected recipients assuming the
default setting of "smtpd_delay_reject = yes".
Regular expressions are much too fragile in the hands of most users.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
