HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)

- General (http://www.howtoforge.com/forums/forumdisplay.php?f=25)

- - Blacklist outgouing mail (http://www.howtoforge.com/forums/showthread.php?t=38465)

Blacklist outgouing mail

Hi,

A major Slovenian free e-mail provider has recently gone bust. As a result, thousands of outgoing e-mails are being deferred in our server's mail logs, as some of the hosted sites still try to send e-mail to these addresses.

Is there a way to tell postfix (through ISPConfig if possible) to completely ignore any e-mail being sent out, whose recipient belongs to a certain domain? Postfix should not try to send such messages and if possible, not even log the attempt.

I tried adding a record to "Email > Global Filters > Postfix Blacklist" with "@offending-domain.tld" as Blacklist Address and Recipient as Type. This doesn't seem to have the desired effect though.

Try this:

add a email route / (transport) in ispconfig with:

domain: offending-domain.tld
type: error
destination: This email address does not exist anymore.

Quote:

Originally Posted by till (Post 201960)

Try this:

add a email route / (transport) in ispconfig with:

domain: offending-domain.tld
type: error
destination: This email address does not exist anymore.

Thanks, till. It worked. The messages no longer go to the queue. However, quite a lot of entries are still added to the logs for a single message:

Code:

Aug 24 20:32:34 prod postfix/pickup[8518]: 4D0F51CF1F2: uid=0 from=<root>

Aug 24 20:32:34 prod postfix/cleanup[8551]: 4D0F51CF1F2: message-id=<20090824183234.4D0F51CF1F2@hostname.server-domain.tld>

Aug 24 20:32:34 prod postfix/qmgr[8520]: 4D0F51CF1F2: from=<root@hostname.server-domain.tld>, size=316, nrcpt=1 (queue active)

Aug 24 20:32:34 prod postfix/error[8554]: 4D0F51CF1F2: to=<mailbox@offending-domain.tld>, relay=none, delay=0.12, delays=0.09/0.01/0/0.01, dsn=5.0.0, status=bounced ([This email address does not exist anymore.])

Aug 24 20:32:34 prod postfix/cleanup[8551]: 5C5851CF1F3: message-id=<20090824183234.5C5851CF1F3@hostname.server-domain.tld>

Aug 24 20:32:34 prod postfix/qmgr[8520]: 5C5851CF1F3: from=<>, size=2025, nrcpt=1 (queue active)

Aug 24 20:32:34 prod postfix/bounce[8555]: 4D0F51CF1F2: sender non-delivery notification: 5C5851CF1F3

Aug 24 20:32:34 prod postfix/qmgr[8520]: 4D0F51CF1F2: removed

Aug 24 20:32:34 prod postfix/cleanup[8551]: 654221CF1EA: message-id=<20090824183234.5C5851CF1F3@hostname.server-domain.tld>

Aug 24 20:32:34 prod postfix/qmgr[8520]: 654221CF1EA: from=<>, size=2162, nrcpt=1 (queue active)

Aug 24 20:32:34 prod postfix/local[8556]: 5C5851CF1F3: to=<root@hostname.server-domain.tld>, relay=local, delay=0.04, delays=0.02/0.01/0/0.01, dsn=2.0.0, status=sent (forwarded as 654221CF1EA)

Aug 24 20:32:34 prod postfix/qmgr[8520]: 5C5851CF1F3: removed

It looks like the message gets bounced now. Is it possible to send it to /dev/null instead? It's not a big problem if this is not possible. Getting all those messages out of the queue was my first priority. Completely ignoring them would be a better option, but as I said, not strictly necessary.

Quote:

Originally Posted by MrM (Post 201966)

..completely ignoring them would be a better option, but as I said, not strictly necessary.

Take a look at postfix restrictions parameters .. expecially at "reject_unknown_recipient_domain"

Requirements: the dns (mx or a) records of that provider domain must no longer exist.

If it suits your needs you will able ( modding your /etc/postfix/main.cf ) to do the trick in a better way ..you can avoid to receive the entire messages before dropping them (blocking them at smtp first dialog level) .. saving bandwith :-)

Bye..

bajodel.

Quote:

Originally Posted by bajodel (Post 201984)

Take a look at postfix restrictions parameters .. expecially at "reject_unknown_recipient_domain"

Requirements: the dns (mx or a) records of that provider domain must no longer exist.

In this case, the MX record still exists, but the SMTP server is no longer responding, so I guess this option will not help.

The provider in question is actually email.si:

Code:

$ dig email.si IN MX

...

;; ANSWER SECTION:

email.si.                3421        IN        MX        20 mx5.email.si.





$ telnet mx5.email.si 25

Trying 81.24.97.24...

telnet: Unable to connect to remote host: Connection timed out

Quote:

Originally Posted by bajodel (Post 201984)

If it suits your needs you will able ( modding your /etc/postfix/main.cf ) to do the trick in a better way ..you can avoid to receive the entire messages before dropping them (blocking them at smtp first dialog level) .. saving bandwith :-)

Heh, bandwidth actually isn't a problem in this case, since the postfix server is only being used by the websites running on the same server. I was only hoping to get rid of the log entries and bounced messages, but as I said before, it's just a minor annoyance, not a serious issue. The bulk of the problem has already been solved with till's suggestion.

Quote:

Originally Posted by MrM (Post 201986)

In this case, the MX record still exists ..[CUT]..

Ok.. it's not so clean ..but you can 'cook' fake ones :-) configuring that domain in your dns with a TEXT record only.
Postfix will look at MX and A records -> not present -> reject

Quote:

Originally Posted by MrM (Post 201986)

..[CUT].. bandwidth actually isn't a problem in this case ..[CUT]..

Ok.. maybe it is not a problem for you, but it could be usefull for others..

Bye..

bajodel.

Quote:

Originally Posted by bajodel (Post 201987)

Ok.. it's not so clean ..but you can 'cook' fake ones :-) configuring that domain in your dns with a TEXT record only.
Postfix will look at MX and A records -> not present -> reject

I'll do that. Thanks for the idea. ;)

Quote:

Originally Posted by bajodel (Post 201987)

Ok.. maybe it is not a problem for you, but it could be usefull for others..

You're right. Sorry if I sounded ungrateful.

Thanks, till and bajodel, for helping out.