Postfix blacklist or reject an email address

by on July 4, 2007 · 26 comments· LAST UPDATED November 6, 2007

in , ,

Q. I’ve Postfix based CentOS Linux server. I need to blacklist email ID: . How do I blacklist email address with postfix? I also have spamassassin software installed.

A. By default, the Postfix SMTP server accepts any sender address. However you can block / blacklist sender email address easily with Postfix. It has SMTP server access table.

Open /etc/postfix/sender_access file
# cd /etc/postfix
# vi sender_access

Append sender email id as follows: REJECT
Save and close the file. Use postmap command to create a database:
# postmap hash:sender_access
Now open and add code as follows:
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access
Save and close the file. Restart / reload postfix MTA:
# /etc/init.d/postfix restart

You can also use spamassassin to blacklist email address. Just add to your own spamassassin configuration or to /etc/mail/spamassassin/ file:
# vi /etc/mail/spamassassin/
Append blacklist as follows:
Save and close the file. Restart spamassassin:
# /etc/init.d/spamassassin restart

spamassassin will marke mail as SPAM instead of rejecting the same.

Tweet itFacebook itG+ itDownload PDF versionFound an error/typo on this page?

{ 26 comments… read them below or add one }

1 Jules November 5, 2007 at 2:56 pm

Thanks! Very helpful.

Ony one slight error: The line should read:

smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access


2 nixCraft November 6, 2007 at 7:15 am

Thanks for the heads up!


3 neotexan January 21, 2008 at 5:09 pm

Please correct to:

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

Using the given line, the mail server will not accept communication…yet shows to be running.

Test with ‘telnet localhost 25′

Normally, you should get a response such as:
220 {yourmailserverFQDN} ESMTP Postfix


4 neotexan January 21, 2008 at 5:13 pm

While not stated above, this should work for whitelisting senders as well. Ideal when you don’t want to whitelist someone’s misconfigured exchange server.


5 Mihir May 5, 2008 at 12:13 pm

I am not able to start internet from RHEL 5
please help me out!!!
plz give step by step instructions


6 Jacki March 8, 2009 at 1:55 pm

Hey still have problem ? please fixed it. Other wise newbie may be confused?


7 nixCraft March 8, 2009 at 4:57 pm


Do you see any problem with configuration?


8 Jacki March 9, 2009 at 2:38 pm

yes I followed your tips.

smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access

Should be….
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access



9 Tom March 9, 2009 at 9:00 pm

Thanks for your tips.
I think Jacki have wrong. It’s well smtpd_recipient_restrictions.
(excuse my english i am from France)


10 Jacki March 11, 2009 at 3:19 pm


Yes it will work & and work as recipient_restrictions. This E-mail address still can send e-mail not receive since theres two separate option in postfix to block e-mail address receiving & sending email to this server.

smtpd_sender_restrictions = hash:/etc/postfix/sender_access
unverified_sender_reject_code = 550
# Postfix 2.6 and later.
# unverified_sender_defer_code = 250

# Note 1: Be sure to read the "Caching" section below!
# Note 2: Avoid hash files here. Use btree instead.
address_verify_map = btree:/var/lib/postfix/verify

/etc/postfix/sender_access: reject_unverified_sender reject_unverified_sender reject_unverified_sender
... etcetera ...

smtpd_recipient_restrictions =
# Postfix 2.6 and later privacy feature.
# unverified_recipient_reject_reason = Address lookup failed


11 John December 11, 2009 at 1:29 am

Could this be used as a method of blocking mail sent to a valid user, but with a bogus TO address?


12 Nick February 5, 2010 at 3:13 pm

Vivek, PLEASE fix your tutorial above. Following your instructions will make POSTFIX break, and not accept any SMTP connections. The correct line is:

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

Thanks for this tutorial! Besides this minor frustration, GREAT article.


13 krish May 8, 2010 at 5:40 am

Respected Sir,
Please help me regarding smtp sender mails block. I need to block some users should not send mails to other domain but they get receipt mail from other domain also they send same domain to each others.



14 Manish July 17, 2010 at 10:21 pm


I would like to block mails coming from all domains and and allow only those mails from the domains which are whitelisted.
If I use
blacklist_from *@* all the domains are marked as SPAM and even the whitelist domains are also makred as spam. How can I place a rule for blocking all other domains editing the /etc/mail/spamassassin/ and or with .procmailrc file. Any suggestion or help would be appreciated.

Thank you


15 Davo December 12, 2011 at 11:37 am

Does anyone know of a way to blacklist a sender address that works?


16 prl77 August 23, 2012 at 7:22 pm

In, the smtpd_sender_restrictions directive *requires* one of four possible options at the end, otherwise postfix will not accept any mail at all. I think this guide should include this because I followed it verbatim and broke postfix, just like neotexan pointed out above in his comment on January 21, 2008 at 5:09 pm.

See here:

IMPORTANT: If you change this parameter setting, you must specify at least one of the following restrictions. Otherwise Postfix will refuse to receive mail:
reject, defer, defer_if_permit, reject_unauth_destination


17 danduz September 4, 2012 at 3:42 am

hi all,

after that i run the following command like below: REJECT
# postmap hash:sender_access
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
# /etc/init.d/postfix restart

i still can send email from to my account on postfix mail server.
did i missing something ?
did anyone can help me ?



18 Fasil October 2, 2012 at 8:52 pm

Thanks for this nice post. Keep up the good work :)


19 Marios December 10, 2012 at 9:42 am

What about having the allowed senders in a MySQL database instead of a file ?


20 Karl February 15, 2013 at 12:32 pm


I would like to configure my postfix to block all unknown sender and allow the known sender to send email, can i use this parameter below ?????

# vi sender_access PERMIT REJECT


21 Karl February 15, 2013 at 12:34 pm

Sorry for my first post.. correction below..

# vi sender_access PERMIT REJECT


22 Kiruba May 14, 2013 at 5:04 am


i wants to accept mail from blocked users and discard mail in Postfix server itself with out any bounce back.

Pls give some tips ASAP…………


23 Ojay May 25, 2013 at 11:32 pm

@dnaduz you may have fixed it, however it could be that you need to move the rule up the line….that worked for me!


24 Doesn't work October 25, 2013 at 4:07 am

It doesn’t work am still getting emails from an address I blocked :(


25 shahzaibcb December 29, 2013 at 11:31 am

I want to discard any email that is recieved on my domain account i.e using postfix. Can you guide me regarding it ?


26 Sam June 16, 2014 at 5:21 pm


I have MySQL table listing allowed sender email addresses. I like to receive emails only from allowed people. Can I do this using MySQL instead of file? Also, I like to collect email address of sender who sent email, but wasn’t allowed so I can send him/her custom auto reply. Any way to do this?



Leave a Comment

Tagged as: , , , , , , , ,

Previous Faq:

Next Faq: