On 13.09.17 18:48, Moritz Bartl wrote:
Mind sharing that configuration, and maybe even the filters you already set up?
My method is highly Postfix-specific, but I can see that you use Postfix as well. ;-) Here is an example for sender-based rejection (incomplete):
smtpd_sender_restrictions = check_sender_access pcre:${config_directory}/sender_access
# pcre:sender_access /abuse-reporting.webiron.com/ REJECT
That line alone catches most of the useless generated complaints. W.I. holds a special place in my heart due to past misbehaviour, so I don't even bother telling them how to contact me any more and flatly reject all their robot messages.
Combine this with recipient-based checks (incomplete again):
smtpd_recipient_restrictions = check_recipient_access pcre:${config_directory}/recipient_access
# pcre:recipient_access /^abuse@tordom.tld$/ REJECT Please use https://foo/ to report abuse
I imagine you already have a (captcha-protected) ticket system in place. Finally, sprinkle header- and/or body-based checks into the mix:
header_checks = pcre:${config_directory}/header_checks
# pcre:header_checks /^Subject:.+fail2ban generated abuse report/ DISCARD
Not that I actually recommend using DISCARD, mind you, it is just another example. Should you require more specific information about what Postfix checks can do, contact me off-list. I'm guessing you know about these very powerful checks already.
-Ralph