≡ Menu

Postfix blacklist or reject an email address

Q. I’ve Postfix based CentOS Linux server. I need to blacklist email ID: user@abadboy.com . How do I blacklist email address with postfix? I also have spamassassin software installed.

A. By default, the Postfix SMTP server accepts any sender address. However you can block / blacklist sender email address easily with Postfix. It has SMTP server access table.

Open /etc/postfix/sender_access file
# cd /etc/postfix
# vi sender_access

Append sender email id as follows:
user@abadboy.com REJECT
Save and close the file. Use postmap command to create a database:
# postmap hash:sender_access
Now open main.cf and add code as follows:
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access
Save and close the file. Restart / reload postfix MTA:
# /etc/init.d/postfix restart

You can also use spamassassin to blacklist email address. Just add to your own spamassassin configuration or to /etc/mail/spamassassin/local.cf file:
# vi /etc/mail/spamassassin/local.cf
Append blacklist as follows:
blacklist_from user@abadboy.com
Save and close the file. Restart spamassassin:
# /etc/init.d/spamassassin restart

spamassassin will marke mail as SPAM instead of rejecting the same.

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 27 comments… add one }

  • Jules November 5, 2007, 2:56 pm

    Thanks! Very helpful.

    Ony one slight error: The main.cf line should read:

    smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access

  • nixCraft November 6, 2007, 7:15 am

    Thanks for the heads up!

  • neotexan January 21, 2008, 5:09 pm

    Please correct to:

    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

    Using the given line, the mail server will not accept communication…yet shows to be running.

    Test with ‘telnet localhost 25’

    Normally, you should get a response such as:
    220 {yourmailserverFQDN} ESMTP Postfix

  • neotexan January 21, 2008, 5:13 pm

    While not stated above, this should work for whitelisting senders as well. Ideal when you don’t want to whitelist someone’s misconfigured exchange server.

  • Mihir May 5, 2008, 12:13 pm

    I am not able to start internet from RHEL 5
    please help me out!!!
    plz give step by step instructions

  • Jacki March 8, 2009, 1:55 pm

    Hey still have problem ? please fixed it. Other wise newbie may be confused?

  • nixCraft March 8, 2009, 4:57 pm


    Do you see any problem with configuration?

  • Jacki March 9, 2009, 2:38 pm

    yes I followed your tips.

    smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access

    Should be….
    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access


  • Tom March 9, 2009, 9:00 pm

    Thanks for your tips.
    I think Jacki have wrong. It’s well smtpd_recipient_restrictions.
    (excuse my english i am from France)

  • Jacki March 11, 2009, 3:19 pm


    Yes it will work & and work as recipient_restrictions. This E-mail address still can send e-mail not receive since theres two separate option in postfix to block e-mail address receiving & sending email to this server.

    smtpd_sender_restrictions = hash:/etc/postfix/sender_access
    unverified_sender_reject_code = 550
    # Postfix 2.6 and later.
    # unverified_sender_defer_code = 250

    # Note 1: Be sure to read the "Caching" section below!
    # Note 2: Avoid hash files here. Use btree instead.
    address_verify_map = btree:/var/lib/postfix/verify

    aol.com reject_unverified_sender
    hotmail.com reject_unverified_sender
    bigfoot.com reject_unverified_sender
    ... etcetera ...

    smtpd_recipient_restrictions =
    # Postfix 2.6 and later privacy feature.
    # unverified_recipient_reject_reason = Address lookup failed

  • John December 11, 2009, 1:29 am

    Could this be used as a method of blocking mail sent to a valid user, but with a bogus TO address?

  • Nick February 5, 2010, 3:13 pm

    Vivek, PLEASE fix your tutorial above. Following your instructions will make POSTFIX break, and not accept any SMTP connections. The correct line is:

    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

    Thanks for this tutorial! Besides this minor frustration, GREAT article.

    • krish May 8, 2010, 5:40 am

      Respected Sir,
      Please help me regarding smtp sender mails block. I need to block some users should not send mails to other domain but they get receipt mail from other domain also they send same domain to each others.


  • Manish July 17, 2010, 10:21 pm


    I would like to block mails coming from all domains and and allow only those mails from the domains which are whitelisted.
    If I use
    blacklist_from *@* all the domains are marked as SPAM and even the whitelist domains are also makred as spam. How can I place a rule for blocking all other domains editing the /etc/mail/spamassassin/local.cf and or with .procmailrc file. Any suggestion or help would be appreciated.

    Thank you

  • Davo December 12, 2011, 11:37 am

    Does anyone know of a way to blacklist a sender address that works?

  • prl77 August 23, 2012, 7:22 pm

    In main.cf, the smtpd_sender_restrictions directive *requires* one of four possible options at the end, otherwise postfix will not accept any mail at all. I think this guide should include this because I followed it verbatim and broke postfix, just like neotexan pointed out above in his comment on January 21, 2008 at 5:09 pm.

    See here: http://www.postfix.org/postconf.5.html

    IMPORTANT: If you change this parameter setting, you must specify at least one of the following restrictions. Otherwise Postfix will refuse to receive mail:
    reject, defer, defer_if_permit, reject_unauth_destination

  • danduz September 4, 2012, 3:42 am

    hi all,

    after that i run the following command like below:

    cobu.email@gmail.com REJECT
    # postmap hash:sender_access
    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
    # /etc/init.d/postfix restart

    i still can send email from cobu.email@gmail.com to my account on postfix mail server.
    did i missing something ?
    did anyone can help me ?


  • Fasil October 2, 2012, 8:52 pm

    Thanks for this nice post. Keep up the good work :)

  • Marios December 10, 2012, 9:42 am

    What about having the allowed senders in a MySQL database instead of a file ?

  • Karl February 15, 2013, 12:32 pm


    I would like to configure my postfix to block all unknown sender and allow the known sender to send email, can i use this parameter below ?????

    # vi sender_access
    all@abadboy.com PERMIT
    all@abadboy.com REJECT

  • Karl February 15, 2013, 12:34 pm

    Sorry for my first post.. correction below..

    # vi sender_access
    all@aGOODboy.com PERMIT
    all@aBADboy.com REJECT

  • Kiruba May 14, 2013, 5:04 am


    i wants to accept mail from blocked users and discard mail in Postfix server itself with out any bounce back.

    Pls give some tips ASAP…………

  • Ojay May 25, 2013, 11:32 pm

    @dnaduz you may have fixed it, however it could be that you need to move the rule up the line….that worked for me!

  • Doesn't work October 25, 2013, 4:07 am

    It doesn’t work am still getting emails from an address I blocked :(

  • shahzaibcb December 29, 2013, 11:31 am

    I want to discard any email that is recieved on my domain account i.e anonymous@mydomain.com using postfix. Can you guide me regarding it ?

  • Sam June 16, 2014, 5:21 pm


    I have MySQL table listing allowed sender email addresses. I like to receive emails only from allowed people. Can I do this using MySQL instead of file? Also, I like to collect email address of sender who sent email, but wasn’t allowed so I can send him/her custom auto reply. Any way to do this?


  • chinnachamy May 25, 2015, 5:17 am

    How do i remove separate spam mail id

Leave a Comment