Postfix Block Emails from Specific Domains CentOS 6 / RHEL 6

As the battle to fight spam continues on the mail relay that serves our shared hosting services, we started working on a new way to stop spam from being sent. We have some customers who end up with compromised sites over and over again. These customers often don’t care that their site is infected get get irritated when we suspend their accounts. Some of them have asked us to simply remove email permissions from their accounts. Great, but the problem is cPanel doesn’t provide an easy way to do so. Our solution was to configure Postfix to discard emails that originate from these abusive domains. This is also a great way to temporarily revoke email sending permissions from abusive accounts without having to actually suspend their service.

1) To begin, we created a new file in /etc/postfix called “sender_access”

vim /etc/postfix/sender_access

2) In this file, you can enter domain names followed by the action you would like to perform. The two we use are reject (return to sender) or discard. We primarily discard spam since rejecting it would cause it to pile up on our shared hosting servers.

domain1.com DISCARD
abusivecustomer.net DISCARD
example2.org REJECT

3) Don’t forget to postmap the file to prepare it for Postfix to use. Every time you modify the file, you must postmap it again or the changes won’t take affect.

postmap /etc/postfix/sender_access

4) Now, we need to tell Postfix to look at our new file. This is done through main.cf with the smtpd_sender_restrictions header. The smtpd_sender_restrictions header is not in the main.cf configuration by default. If you can’t find it, just add it to the bottom of the file.

vim /etc/postfix/main.cf
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

5) Restart Postfix

service postfix restart

6) Once a message comes in from one of the domains in your sender_access file, you should be able to see it being discarded or rejected in /var/log/maillog.

Apr  1 00:49:14 mail postfix/smtpd[20499]: NOQUEUE: discard: RCPT from host1.myhost.com[1.2.3.4]: <benjamin_waller@baddomain.org>: Sender address triggers DISCARD action; from=<benjamin_waller@baddomain.org> to=<innocent_client@gmail.com> proto=ESMTP helo=<host1.myhost.com>

You should be good to go! Happy spam filtering!

Leave a Reply