On 13.09.17 18:48, Moritz Bartl wrote:
Mind sharing that configuration, and maybe even the filters you already set up?
My method is highly Postfix-specific, but I can see that you use Postfix as well. ;-) Here is an example for sender-based rejection (incomplete): smtpd_sender_restrictions = check_sender_access pcre:${config_directory}/sender_access # pcre:sender_access /abuse-reporting\.webiron\.com/ REJECT That line alone catches most of the useless generated complaints. W.I. holds a special place in my heart due to past misbehaviour, so I don't even bother telling them how to contact me any more and flatly reject all their robot messages. Combine this with recipient-based checks (incomplete again): smtpd_recipient_restrictions = check_recipient_access pcre:${config_directory}/recipient_access # pcre:recipient_access /^abuse\@tordom\.tld$/ REJECT Please use https://foo/ to report abuse I imagine you already have a (captcha-protected) ticket system in place. Finally, sprinkle header- and/or body-based checks into the mix: header_checks = pcre:${config_directory}/header_checks # pcre:header_checks /^Subject:.+fail2ban generated abuse report/ DISCARD Not that I actually recommend using DISCARD, mind you, it is just another example. Should you require more specific information about what Postfix checks can do, contact me off-list. I'm guessing you know about these very powerful checks already. -Ralph