Q. I’ve Postfix based CentOS Linux server. I need to blacklist email ID: user@abadboy.com . How do I blacklist email address with postfix? I also have spamassassin software installed.
A. By default, the Postfix SMTP server accepts any sender address. However you can block / blacklist sender email address easily with Postfix. It has SMTP server access table.
Open /etc/postfix/sender_access file
# cd /etc/postfix
# vi sender_access
Append sender email id as follows:
user@abadboy.com REJECT
Save and close the file. Use postmap command to create a database:
# postmap hash:sender_access
Now open main.cf and add code as follows:
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access
Save and close the file. Restart / reload postfix MTA:
# /etc/init.d/postfix restart
You can also use spamassassin to blacklist email address. Just add to your own spamassassin configuration or to /etc/mail/spamassassin/local.cf file:
# vi /etc/mail/spamassassin/local.cf
Append blacklist as follows:
blacklist_from user@abadboy.com
Save and close the file. Restart spamassassin:
# /etc/init.d/spamassassin restart
spamassassin will marke mail as SPAM instead of rejecting the same.
🐧 28 comments so far... add one ↓
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Thanks! Very helpful.
Ony one slight error: The main.cf line should read:
Thanks for the heads up!
Please correct to:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
Using the given line, the mail server will not accept communication…yet shows to be running.
Test with ‘telnet localhost 25’
Normally, you should get a response such as:
220 {yourmailserverFQDN} ESMTP Postfix
While not stated above, this should work for whitelisting senders as well. Ideal when you don’t want to whitelist someone’s misconfigured exchange server.
I am not able to start internet from RHEL 5
please help me out!!!
plz give step by step instructions
Hey still have problem ? please fixed it. Other wise newbie may be confused?
@Jacki,
Do you see any problem with configuration?
yes I followed your tips.
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_accessShould be….
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_accessThanks
Thanks for your tips.
I think Jacki have wrong. It’s well smtpd_recipient_restrictions.
(excuse my english i am from France)
Bye
@Tom
Yes it will work & and work as recipient_restrictions. This E-mail address still can send e-mail not receive since theres two separate option in postfix to block e-mail address receiving & sending email to this server.
/etc/postfix/main.cf:smtpd_sender_restrictions = hash:/etc/postfix/sender_access
unverified_sender_reject_code = 550
# Postfix 2.6 and later.
# unverified_sender_defer_code = 250
# Note 1: Be sure to read the "Caching" section below!
# Note 2: Avoid hash files here. Use btree instead.
address_verify_map = btree:/var/lib/postfix/verify
/etc/postfix/sender_access:
aol.com reject_unverified_sender
hotmail.com reject_unverified_sender
bigfoot.com reject_unverified_sender
... etcetera ...
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
...
reject_unknown_recipient_domain
reject_unverified_recipient
...
# Postfix 2.6 and later privacy feature.
# unverified_recipient_reject_reason = Address lookup failed
Could this be used as a method of blocking mail sent to a valid user, but with a bogus TO address?
Vivek, PLEASE fix your tutorial above. Following your instructions will make POSTFIX break, and not accept any SMTP connections. The correct line is:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_accessThanks for this tutorial! Besides this minor frustration, GREAT article.
Respected Sir,
Please help me regarding smtp sender mails block. I need to block some users should not send mails to other domain but they get receipt mail from other domain also they send same domain to each others.
Thanks
krish
Hi
I would like to block mails coming from all domains and and allow only those mails from the domains which are whitelisted.
If I use
blacklist_from *@* all the domains are marked as SPAM and even the whitelist domains are also makred as spam. How can I place a rule for blocking all other domains editing the /etc/mail/spamassassin/local.cf and or with .procmailrc file. Any suggestion or help would be appreciated.
Thank you
Manish
Does anyone know of a way to blacklist a sender address that works?
In main.cf, the smtpd_sender_restrictions directive *requires* one of four possible options at the end, otherwise postfix will not accept any mail at all. I think this guide should include this because I followed it verbatim and broke postfix, just like neotexan pointed out above in his comment on January 21, 2008 at 5:09 pm.
See here: http://www.postfix.org/postconf.5.html
IMPORTANT: If you change this parameter setting, you must specify at least one of the following restrictions. Otherwise Postfix will refuse to receive mail:
reject, defer, defer_if_permit, reject_unauth_destination
hi all,
after that i run the following command like below:
cobu.email@gmail.com REJECT
# postmap hash:sender_access
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
# /etc/init.d/postfix restart
i still can send email from cobu.email@gmail.com to my account on postfix mail server.
did i missing something ?
did anyone can help me ?
Regards,
danduz
Thanks for this nice post. Keep up the good work :)
What about having the allowed senders in a MySQL database instead of a file ?
Hi,
I would like to configure my postfix to block all unknown sender and allow the known sender to send email, can i use this parameter below ?????
*****************************************************************
# vi sender_access
all@abadboy.com PERMIT
all@abadboy.com REJECT
*****************************************************************
Sorry for my first post.. correction below..
*****************************************************************
# vi sender_access
all@aGOODboy.com PERMIT
all@aBADboy.com REJECT
*****************************************************************
Hi,
i wants to accept mail from blocked users and discard mail in Postfix server itself with out any bounce back.
Pls give some tips ASAP…………
@dnaduz you may have fixed it, however it could be that you need to move the rule up the line….that worked for me!
It doesn’t work am still getting emails from an address I blocked :(
I want to discard any email that is recieved on my domain account i.e anonymous@mydomain.com using postfix. Can you guide me regarding it ?
Hi,
I have MySQL table listing allowed sender email addresses. I like to receive emails only from allowed people. Can I do this using MySQL instead of file? Also, I like to collect email address of sender who sent email, but wasn’t allowed so I can send him/her custom auto reply. Any way to do this?
Thanks
How do i remove separate spam mail id
Hi,
I am currently using FC21 as my email server. and I followed the instructions here but I still get annoying emails from user@qq.com with chinese characters that I don’t understand.
Please help me.
Thank you