Block .top and .pro domain

Hala
Posts: 31
Joined: Tue Apr 05, 2016 6:12 am

Block .top and .pro domain

Post by Hala »

Hello
I try to block the domains (.top, .pro, xyz...) by blacklisting them using
[root@mail ~]# vi /opt/zimbra/conf/salocal.cf.in
blacklist_from *.pro
blacklist_from *.top

and by
[root@mail ~]# vi /opt/zimbra/conf/amavisd.conf.in
'*.pro' => 10.0,
'*.top' => 10.0,

and by blocking IP
/opt/zimbra/conf/postfix_blacklist
1.2.3.4 REJECT

The AS/AV setting
Kill percent 60
Tag Percent 20

We still receive emails from these domains (Junk folder for the user account).
How can I block/discard/drop it completely? I don't want to receive it in the Junk folder.

Thx
imanudin11
Outstanding Member
Posts: 304
Joined: Sat Sep 13, 2014 2:23 am
ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64

Re: Block .top and .pro domain

Post by imanudin11 »

Hi,
You can increase the value in amavisd.conf.in, like below

'*.pro' => 100.0,
'*.top' => 100.0,

Best Regards,
Ahmad Imanudin - Sharing is Beautiful !
Personal Blog [EN] :http://www.imanudin.net
Hala
Posts: 31
Joined: Tue Apr 05, 2016 6:12 am

Re: Block .top and .pro domain

Post by Hala »

Thank you...
Can I forward a copy of these discarded emails to a specific destination email?

Thanks
Hala
Posts: 31
Joined: Tue Apr 05, 2016 6:12 am

Re: Block .top and .pro domain

Post by Hala »

I'm surprised.
It does not succeed for all the domains that I want to block, like ".cf" and "ca"...
I set the value
'*@*.cf' => 100.0,

Anyone know why?
imanudin11
Outstanding Member
Posts: 304
Joined: Sat Sep 13, 2014 2:23 am
ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64

Re: Block .top and .pro domain

Post by imanudin11 »

Hala wrote:
I'm surprised.
It does not succeed for all the domains that I want to block, like ".cf" and "ca"...
I set the value
'*@*.cf' => 100.0,

Anyone know why?

Hi,

Please try to use this configuration

'.cf' => 100.0,

Best Regards,
Ahmad Imanudin - Sharing is Beautiful !
Personal Blog [EN] :http://www.imanudin.net
yellowhousejake
Advanced member
Posts: 133
Joined: Tue Sep 09, 2014 9:57 am
ZCS/ZD Version: Release 10.0.1.GA.4518.UBUNTU20_64

Re: Block .top and .pro domain

Post by yellowhousejake »

We have had better luck blocking the vanity domains in Postfix.

In /opt/zimbra/postfix/conf create a file 'reject.re'

Populate like so,
######################
# Note! OUR choices, these may not work for you. Use at your OWN risk.
######################
## TLD Rejections
/\.bid$/ REJECT
/\.accountant$/ REJECT
/\.download$/ REJECT
/\.wang$/ REJECT
/\.racing$/ REJECT
/\.review$/ REJECT
/\.party$/ REJECT
/\.date$/ REJECT
/\.faith$/ REJECT
/\.link$/ REJECT
/\.work$/ REJECT
/\.science$/ REJECT
/\.xyz$/ REJECT
/\.asia$/ REJECT
/\.rocks$/ REJECT
/\.click$/ REJECT
/\.yoga$/ REJECT
/\.webcam$/ REJECT
/\.state$/ REJECT
/\.win$/ REJECT
/\.top$/ REJECT


In your main.cf you will need to add that file to the appropriate line like so (example off the top of my head! Your line will be populated already with many other files.)
smtpd_client_restrictions = pcre:/opt/zimbra/postfix/conf/reject.re

Reload Postfix.

We had only issues with domains ending in .biz. Honestly, none of the departments cared if we left them blocked, they were not interested in the vendors anyway.

This stopped a very large amount of spam, the monitor charts in Zimbra bottomed out for months until the graphs were pushed left. Any reasonable email administrator would cringe at what we did and likely begin pushing needles into their voodoo doll. However, we are a small rural town and we can even get away with blocking connections to our border from outside the US.

DAve
quanah
Zimbra Alumni
Posts: 1668
Joined: Fri Sep 12, 2014 10:33 pm

Re: Block .top and .pro domain

Post by quanah »

Hala wrote:
Hello
I try to block the domains (.top, .pro, xyz...) by blacklisting them using
[root@mail ~]# vi /opt/zimbra/conf/salocal.cf.in
blacklist_from *.pro
blacklist_from *.top

and by
[root@mail ~]# vi /opt/zimbra/conf/amavisd.conf.in
'*.pro' => 10.0,
'*.top' => 10.0,

and by blocking IP
/opt/zimbra/conf/postfix_blacklist
1.2.3.4 REJECT

The AS/AV setting
Kill percent 60
Tag Percent 20

We still receive emails from these domains (Junk folder for the user account).
How can I block/discard/drop it completely? I don't want to receive it in the Junk folder.

Thx

You could just assign them a score of 100 in sauser.cf. That would cause them to be discarded.
--
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/
mutface
Posts: 29
Joined: Sat Sep 13, 2014 12:32 am
Location: Hong Kong

Re: Block .top and .pro domain

Post by mutface »

[SOLVED by https://www.oneday.com.hk/] Sorry - none of the solutions posted on this thread worked for me.

The postfix one doesn't work because /opt/zimbra/postfix/conf/main.cf gets overwritten as soon as postfix is re-loaded. The real config is stored in /opt/zimbra/conf/zmmta.conf, so any updates to postfix config should go in zmmta.conf. The directive pcre:/xxx/xxx/reject.re also didn't work; I think one is meant to use cifr:/xxxxxx/xxx/reject.re instead.

To make /opt/zimbra/conf/amavisd.conf.in honour the blocking of those domains I had to do this to use regular expression and added the entries under @:-

# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING

@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are summed

# ## per-recipient personal tables (NOTE: positive: black, negative: white)
# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}],
# 'user3@example.com' => [{'.ebay.com' => -3.0}],
# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0,
#                          '.cleargreen.com' => -5.0}],

  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [ # the _first_ matching sender determines the score boost

    new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
      [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
      [qr'^(greatcasino|Walkin.Bathtub|bathtub|investments|lose_weight_today|market\.alert)@'i => 5.0],
      [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i => 5.0],
      [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers|WalkinBathtub)@'i => 5.0],
      [qr'^(stockalert|stopsnoring|wantsome|workathome|vivint|yesitsfree)@'i => 5.0],
      [qr'^(your_friend|greatoffers)@'i => 5.0],
      [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
      ## Added by Mutface to stop spam
      [qr'@*\.xyz$'i => 30.0],
      [qr'@*\.top$'i => 30.0],
      [qr'@*\.icu$'i => 30.0],
      [qr'@*\.rest$'i => 30.0],
      [qr'@*\.live$'i => 30.0],
      [qr'@*\.review$'i => 30.0],
      [qr'@*\.download$'i => 30.0],
      [qr'@*\.win$'i => 30.0],
      [qr'@*\.date$'i => 30.0],
      [qr'@*\.faith$'i => 30.0],
      [qr'@*\.casa$'i => 30.0],
      [qr'@*\.london$'i => 30.0],
      [qr'@*\.us$'i => 30.0],
      [qr'@*\.click$'i => 30.0],
      [qr'@*\.webcam$'i => 30.0],
      [qr'@*\.bid$'i => 30.0],
      [qr'@*\.uno$'i => 30.0],
      [qr'@*\.store$'i => 30.0],
      [qr'@*\.ml$'i => 30.0],
    ),

After the changes are made go to the command line and type:-

1) su zimbra
2) zmamavisdctl restart
3) zmmtactl restart

I added a few additional domain names that seem to show up with a lot of spam e.g. *.ml, *.casa, *.london, etc. - if you feel that these are too much you can take them off.
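
A simplified Python model, added here as an example and not code from any poster or from amavisd itself, of how the sender keys and score boosts discussed in this thread interact: hash-style keys are exact lookups with a dotted-suffix fallback, regex tables are first-match, and the boost is compared against the tag and kill levels. The function names, the sample addresses and the percent-to-score scale (percent / 5) are assumptions.

```python
import re

def hash_keys(sender):
    """Keys tried against a hash-type sender table, most specific first.
    Simplified model: full address, '@domain', then dotted suffixes, then '.'."""
    sender = sender.lower()
    labels = sender.rsplit("@", 1)[-1].split(".")
    suffixes = ["." + ".".join(labels[i:]) for i in range(len(labels))]
    return [sender, "@" + ".".join(labels)] + suffixes + ["."]

def hash_boost(table, sender):
    # Exact dictionary lookups: '*' in a key is a literal character, not a wildcard.
    return next((table[k] for k in hash_keys(sender) if k in table), 0.0)

def regex_boost(table, sender):
    # new_RE table: the first matching pattern determines the boost.
    for pattern, score in table:
        if re.search(pattern, sender, re.IGNORECASE):
            return score
    return 0.0

def disposition(sa_score, boost, tag_percent=20, kill_percent=60):
    # ASSUMPTION: Zimbra percent -> SpamAssassin level is percent / 5 (100% = 20 points).
    total = sa_score + boost
    if total >= kill_percent / 5:
        return "discard"
    return "junk" if total >= tag_percent / 5 else "inbox"

# Constructed tables using the key styles that appear in the thread.
GLOB_STYLE = {"*.pro": 10.0, "*@*.cf": 100.0}
DOTTED = {".pro": 10.0, ".cf": 100.0}
REGEXES = [(r"@*\.xyz$", 30.0), (r"@*\.top$", 30.0)]

if __name__ == "__main__":
    for sender in ("promo@deals.cf", "offer@mail.shop.pro", "News@Shop.TOP",
                   "user@top.example.com"):   # constructed sender addresses
        boosts = (hash_boost(GLOB_STYLE, sender), hash_boost(DOTTED, sender),
                  regex_boost(REGEXES, sender))
        print(sender, boosts, [disposition(0.0, b) for b in boosts])
```

In this model a boost of 10.0 on an otherwise clean message stays below the kill level implied by "Kill percent 60" and lands in Junk, while 30.0 or 100.0 crosses it.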