1

Topic: Block email address and whole domain in iRedMail

==== Required information ====
- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Debian 6
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

Hi,
How can I block email addresses and whole domains in iRedMail? I know that the Pro version has it but I don't use it.

I've tried with postfix:

Created a file for sender_policy, with email address and domains:

spam@domain.com        REJECT
domain.net                    REJECT
mailing.domain.org        REJECT

Then did:

postmap hash:sender_policy

Added entry 'check_sender_access' to the main.cf in 'smtpd_recipient_restrictions'

smtpd_recipient_restrictions = permit_mynetworks,
        check_sender_access hash:/etc/postfix/sender_policy,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unlisted_recipient,
        check_policy_service inet:127.0.0.1:7777,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_non_fqdn_helo_hostname,
        reject_invalid_helo_hostname,
        check_policy_service inet:127.0.0.1:10031

And finally, restart postfix.

But it doesn't work, I still receive spam from e-mails on the list. Maybe the syntax of the sender_policy is wrong, or the entry in main.cf?

Or maybe there is a better way to do this? And also, can I block some e-mail address or domain for specific users?

Thank you.


2

Re: Block email address and whole domain in iRedMail

*) The syntax in 'sender_policy' file looks fine.
*) Did you try to move this 'check_sender_access' to 'smtpd_sender_restrictions ='?
*) If it doesn't work, please try to add your client address in Postfix 'debug_peer_list =', restart Postfix and try to send an email (with blocked sender address) from this client address. Any related log in Postfix log file?

3

Re: Block email address and whole domain in iRedMail

I thought that I had it, but I am still getting e-mails from blocked senders. Maybe I block the wrong address; this is the header of some spam e-mail which I want to block:

X-Account-Key: account1
X-Mozilla-Keys:
Return-Path: <sbiuro@iblatni.pl>
Delivered-To: myuser@mydomain.com
Received: from localhost (myserverdomain.com [127.0.0.1])
    by myserverdomain.com (Postfix) with ESMTP id 5637B623401
    for <myuser@mydomain.com>; Fri,  3 Jun 2016 02:21:00 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at debian.xxxx.com
X-Spam-Flag: NO
X-Spam-Score: 5.639
X-Spam-Level: *****
X-Spam-Status: No, score=5.639 tagged_above=2 required=6.31
    tests=[BAYES_50=0.8, DATE_IN_PAST_12_24=1.049,
    DNS_FROM_AHBL_RHSBL=2.699, HTML_IMAGE_ONLY_16=1.092,
    HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
    autolearn=no
Received: from myserverdomain.com ([127.0.0.1])
    by localhost (myserverdomain.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id wDognqNx5sxE for <myuser@mydomain.com>;
    Fri,  3 Jun 2016 02:21:00 +0200 (CEST)
Received: from smtp.5267.niebieski.net (5267.niebieski.net [94.152.193.167])
    by mail.mydomain.com (Postfix) with ESMTP id F0EEC622EC6
    for <myuser@mydomain.com>; Fri,  3 Jun 2016 02:21:00 +0200 (CEST)
Received: (qmail 29769 invoked by uid 167007); 3 Jun 2016 02:21:00 -0000
Received: from 94.152.193.172 (HELO peter.net.pl) (kontosmtp@IBLATNI.PL@94.152.193.172)
  by 94.152.193.167 with ESMTPA; 3 Jun 2016 02:21:00 -0000
To: myuser@mydomain.com
Subject: =?UTF-8?B?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=?=
Message-ID: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@peter.net.pl>
Date: Thu, 02 Jun 2016 12:21:13 +0200
From: "BLATNI" <biuro@iblatni.pl>
Reply-To: biuro@iblatni.pl
MIME-Version: 1.0
X-Mailer-LID: 19,17
List-Unsubscribe: <http://peter.net.pl/unsubscribe.php?M=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
X-Mailer-RecptId: 6192301
X-Mailer-SID: 111
X-Mailer-Sent-By: 3
Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Content-Transfer-Encoding: 8bit

I was blocking by "Received: from", for example smtp.5267.niebieski.net or 5267.niebieski.net, and sometimes it works, but in this case it doesn't.

What should I block and how? Blocking "From:" makes no sense because it can't be changed easily. So I thought I will block servers, but it doesn't work.

4

Re: Block email address and whole domain in iRedMail

Cannot help without enough log and evidence. Sorry.
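
As an added illustration (not part of the thread, and not iRedMail or Postfix code), the Python sketch below models which lookup keys `check_sender_access` and `check_client_access` try, following the Postfix access(5) and postconf(5) documentation, using the headers quoted in post 3. It assumes the default `parent_domain_matches_subdomains` setting and ignores address extensions; all function names are hypothetical.

```python
import email, re
from email.utils import parseaddr

# Excerpt of the headers quoted in post 3 (only the three fields used below).
RAW = '''Return-Path: <sbiuro@iblatni.pl>
Received: from smtp.5267.niebieski.net (5267.niebieski.net [94.152.193.167])
    by mail.mydomain.com (Postfix) with ESMTP id F0EEC622EC6
From: "BLATNI" <biuro@iblatni.pl>

'''

def parse_table(text):
    """Parse 'pattern ACTION' lines of an access(5) source file into a dict."""
    rows = (l.split(None, 1) for l in text.splitlines() if l.strip() and not l.startswith("#"))
    return {key.lower(): action.strip() for key, action in rows}

def domain_keys(name):
    """Name, then parent domains (default parent_domain_matches_subdomains behaviour)."""
    labels = name.lower().split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def sender_keys(addr):
    """Keys tried for an envelope sender (simplified: address extensions ignored)."""
    local, _, domain = addr.lower().rpartition("@")
    return [addr.lower()] + domain_keys(domain) + [local + "@"]

def client_keys(host, ip):
    """Keys tried for the connecting client: hostname, parents, IP, shorter prefixes."""
    octets = ip.split(".")
    return domain_keys(host) + [".".join(octets[:n]) for n in (4, 3, 2, 1)]

def lookup(table, keys):
    """First (key, action) that matches, else None."""
    return next(((k, table[k]) for k in keys if k in table), None)

def evaluate(raw, sender_table, client_table):
    msg = email.message_from_string(raw)
    envelope = parseaddr(msg["Return-Path"])[1]  # MAIL FROM as recorded at delivery
    host, ip = re.search(r"\((\S+) \[([\d.]+)\]\)", msg["Received"]).groups()
    return {
        "envelope_sender": envelope,
        "header_from": parseaddr(msg["From"])[1],  # not consulted by either check
        "client": (host, ip),
        "sender_access": lookup(sender_table, sender_keys(envelope)),
        "client_access": lookup(client_table, client_keys(host, ip)),
    }

if __name__ == "__main__":
    # Constructed table: the relay's hostname placed in each kind of table.
    table = parse_table("5267.niebieski.net REJECT\n")
    print(evaluate(RAW, table, {})["sender_access"])  # sender table: hostname is never a key
    print(evaluate(RAW, {}, table)["client_access"])  # client table: hostname is a key
```

A relay hostname only matches in a table referenced by `check_client_access`; a table referenced by `check_sender_access` is keyed on the envelope sender (the `Return-Path` value), not on the `From:` header or the `Received:` hostnames.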