Hello
i try to block the domain (.top,.pro,xyz...) by black list them using
[root@mail ~]# vi /opt/zimbra/conf/salocal.cf.in
blacklist_from *.pro
blacklist_from *.top
and by
[root@mail ~]# vi /opt/zimbra/conf/amavisd.conf.in
‘*.pro’ => 10.0,
‘*.top’ => 10.0,
and by blocking IP
/opt/zimbra/conf/postfix_blacklist
1.2.3.4 REJECT
The AS/AV setting
Kill percent 60
Tag Percent 20
We still recieve emails from these domain ( junk folder for user account)
How can i block/Discard /Drop it completely , i dont want to recieve it in (Junk folder)
Thx
Block .top and .pro domain
-
- Outstanding Member
- Posts: 304
- Joined: Sat Sep 13, 2014 2:23 am
- ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64
- Contact:
Re: Block .top and .pro domain
Hi,
You can increase the value from amavisd.conf.in so that like below
You can increase the value from amavisd.conf.in so that like below
Code: Select all
‘*.pro’ => 100.0,
‘*.top’ => 100.0,
**
Best Regards,
Ahmad Imanudin - Sharing is Beautiful !
Personal Blog [EN] :http://www.imanudin.net
Best Regards,
Ahmad Imanudin - Sharing is Beautiful !
Personal Blog [EN] :http://www.imanudin.net
Re: Block .top and .pro domain
Thanks You...
Can I forward copy from these Discard emails to specific destination email??
Thanks
Can I forward copy from these Discard emails to specific destination email??
Thanks
Re: Block .top and .pro domain
I'm surprised
It is not successes for all domain that i want to block like ".cf" and " ca"........... ..
i set the value
'*@*.cf' => 100.0,
Any one Know Why???
It is not successes for all domain that i want to block like ".cf" and " ca"........... ..
i set the value
'*@*.cf' => 100.0,
Any one Know Why???
-
- Outstanding Member
- Posts: 304
- Joined: Sat Sep 13, 2014 2:23 am
- ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64
- Contact:
Re: Block .top and .pro domain
Hi,Hala wrote:I'm surprised
It is not successes for all domain that i want to block like ".cf" and " ca"........... ..
i set the value
'*@*.cf' => 100.0,
Any one Know Why???
Please try to use this configuration
Code: Select all
'.cf' => 100.0,
**
Best Regards,
Ahmad Imanudin - Sharing is Beautiful !
Personal Blog [EN] :http://www.imanudin.net
Best Regards,
Ahmad Imanudin - Sharing is Beautiful !
Personal Blog [EN] :http://www.imanudin.net
-
- Advanced member
- Posts: 133
- Joined: Tue Sep 09, 2014 9:57 am
- ZCS/ZD Version: Release 10.0.1.GA.4518.UBUNTU20_64
Re: Block .top and .pro domain
We have had better luck blocking the vanity domains in Postifx.
In /opt/zimbra/postfix/conf create a file 'reject.re'
Populate like so,
######################
# Note! OUR choices, these may not work for you. Use at your OWN risk.
######################
## TLD Rejections
/\.bid$/ REJECT
/\.accountant$/ REJECT
/\.download$/ REJECT
/\.wang$/ REJECT
/\.racing$/ REJECT
/\.review$/ REJECT
/\.party$/ REJECT
/\.date$/ REJECT
/\.faith$/ REJECT
/\.link$/ REJECT
/\.work$/ REJECT
/\.science$/ REJECT
/\.xyz$/ REJECT
/\.asia$/ REJECT
/\.rocks$/ REJECT
/\.click$/ REJECT
/\.yoga$/ REJECT
/\.webcam$/ REJECT
/\.state$/ REJECT
/\.win$/ REJECT
/\.top$/ REJECT
In your main.cf you will need to add that file to the appropriate line like so (example off the top of my head! Your line will be populated already with many other files.)
smtpd_client_restrictions = pcre:/opt/zimbra/postfix/conf/reject.re
Reload Postfix.
We had only issues with domains ending in .biz. Honestly, none of the departments cared if we left them blocked, they were not interested in the vendors anyway.
This stopped a very large amount of spam, the monitor charts in Zimbra bottomed out for months until the graphs were pushed left. Any reasonable email administrator would cringe at what we did and likely begin pushing needles into their voodoo doll. However, we are a small rural town and we can even get away with blocking connections to our border from outside the US.
DAve
In /opt/zimbra/postfix/conf create a file 'reject.re'
Populate like so,
######################
# Note! OUR choices, these may not work for you. Use at your OWN risk.
######################
## TLD Rejections
/\.bid$/ REJECT
/\.accountant$/ REJECT
/\.download$/ REJECT
/\.wang$/ REJECT
/\.racing$/ REJECT
/\.review$/ REJECT
/\.party$/ REJECT
/\.date$/ REJECT
/\.faith$/ REJECT
/\.link$/ REJECT
/\.work$/ REJECT
/\.science$/ REJECT
/\.xyz$/ REJECT
/\.asia$/ REJECT
/\.rocks$/ REJECT
/\.click$/ REJECT
/\.yoga$/ REJECT
/\.webcam$/ REJECT
/\.state$/ REJECT
/\.win$/ REJECT
/\.top$/ REJECT
In your main.cf you will need to add that file to the appropriate line like so (example off the top of my head! Your line will be populated already with many other files.)
smtpd_client_restrictions = pcre:/opt/zimbra/postfix/conf/reject.re
Reload Postfix.
We had only issues with domains ending in .biz. Honestly, none of the departments cared if we left them blocked, they were not interested in the vendors anyway.
This stopped a very large amount of spam, the monitor charts in Zimbra bottomed out for months until the graphs were pushed left. Any reasonable email administrator would cringe at what we did and likely begin pushing needles into their voodoo doll. However, we are a small rural town and we can even get away with blocking connections to our border from outside the US.
DAve
Re: Block .top and .pro domain
You could just assign them a score of 100 in sauser.cf. That would cause them to be discarded.Hala wrote:Hello
i try to block the domain (.top,.pro,xyz...) by black list them using
[root@mail ~]# vi /opt/zimbra/conf/salocal.cf.in
blacklist_from *.pro
blacklist_from *.top
and by
[root@mail ~]# vi /opt/zimbra/conf/amavisd.conf.in
‘*.pro’ => 10.0,
‘*.top’ => 10.0,
and by blocking IP
/opt/zimbra/conf/postfix_blacklist
1.2.3.4 REJECT
The AS/AV setting
Kill percent 60
Tag Percent 20
We still recieve emails from these domain ( junk folder for user account)
How can i block/Discard /Drop it completely , i dont want to recieve it in (Junk folder)
Thx
--
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/
Re: Block .top and .pro domain
[SOLVED by https://www.oneday.com.hk/] Sorry - none of the solutions posted on this thread worked for me.
The postfix one doesn't work because /opt/zimbra/postfix/conf/main.cf gets overwritten as soon as postfix is re-loaded..... The real config is stored in /opt/zimbra/conf/zmmta.conf - so any updates to postfix config should go in zmmta.conf.... the directive pcre:/xxx/xxx/reject.re also didn't work I think one is meant to use cifr:/xxxxxx/xxx/reject.re instead.
To make /opt/zimbra/conf/amavisd.conf.in honour the blocking of those domains I had to do this to use regular expression and added the entries under @:-
# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables are summed
# ## per-recipient personal tables (NOTE: positive: black, negative: white)
# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}],
# 'user3@example.com' => [{'.ebay.com' => -3.0}],
# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0,
# '.cleargreen.com' => -5.0}],
## site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|Walkin.Bathtub|bathtub|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers|WalkinBathtub)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|vivint|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
## Added by Mutface to stop spam
[qr'@*\.xyz$'i => 30.0],
[qr'@*\.top$'i => 30.0],
[qr'@*\.icu$'i => 30.0],
[qr'@*\.rest$'i => 30.0],
[qr'@*\.live$'i => 30.0],
[qr'@*\.review$'i => 30.0],
[qr'@*\.download$'i => 30.0],
[qr'@*\.win$'i => 30.0],
[qr'@*\.date$'i => 30.0],
[qr'@*\.faith$'i => 30.0],
[qr'@*\.casa$'i => 30.0],
[qr'@*\.london$'i => 30.0],
[qr'@*\.us$'i => 30.0],
[qr'@*\.click$'i => 30.0],
[qr'@*\.webcam$'i => 30.0],
[qr'@*\.bid$'i => 30.0],
[qr'@*\.uno$'i => 30.0],
[qr'@*\.store$'i => 30.0],
[qr'@*\.ml$'i => 30.0],
),
After the changes are made go to the command line and type:-
1) su zimbra
2) zmamavisdctl restart
3) zmmtactl restart
I added a few additional domain names that seem to show up with a lot of spam e.g. *.ml, *.casa, *.london, etc. - if you feel that these are too much you can take them off.
The postfix one doesn't work because /opt/zimbra/postfix/conf/main.cf gets overwritten as soon as postfix is re-loaded..... The real config is stored in /opt/zimbra/conf/zmmta.conf - so any updates to postfix config should go in zmmta.conf.... the directive pcre:/xxx/xxx/reject.re also didn't work I think one is meant to use cifr:/xxxxxx/xxx/reject.re instead.
To make /opt/zimbra/conf/amavisd.conf.in honour the blocking of those domains I had to do this to use regular expression and added the entries under @:-
# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables are summed
# ## per-recipient personal tables (NOTE: positive: black, negative: white)
# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}],
# 'user3@example.com' => [{'.ebay.com' => -3.0}],
# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0,
# '.cleargreen.com' => -5.0}],
## site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|Walkin.Bathtub|bathtub|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers|WalkinBathtub)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|vivint|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
## Added by Mutface to stop spam
[qr'@*\.xyz$'i => 30.0],
[qr'@*\.top$'i => 30.0],
[qr'@*\.icu$'i => 30.0],
[qr'@*\.rest$'i => 30.0],
[qr'@*\.live$'i => 30.0],
[qr'@*\.review$'i => 30.0],
[qr'@*\.download$'i => 30.0],
[qr'@*\.win$'i => 30.0],
[qr'@*\.date$'i => 30.0],
[qr'@*\.faith$'i => 30.0],
[qr'@*\.casa$'i => 30.0],
[qr'@*\.london$'i => 30.0],
[qr'@*\.us$'i => 30.0],
[qr'@*\.click$'i => 30.0],
[qr'@*\.webcam$'i => 30.0],
[qr'@*\.bid$'i => 30.0],
[qr'@*\.uno$'i => 30.0],
[qr'@*\.store$'i => 30.0],
[qr'@*\.ml$'i => 30.0],
),
After the changes are made go to the command line and type:-
1) su zimbra
2) zmamavisdctl restart
3) zmmtactl restart
I added a few additional domain names that seem to show up with a lot of spam e.g. *.ml, *.casa, *.london, etc. - if you feel that these are too much you can take them off.