[BlueOnyx:22891] Re: ban e-mails from *.icu domains

Michael Stauber mstauber at blueonyx.it
Thu May 9 22:14:37 -05 2019


Hi Meaulnes,

> lately the Mail Delivery Subsystem gets flooded with e-mails sent to
> non-existing addresses, all ending in .icu

Yeah, the GUI doesn't allow blocking entire TLDs. It was never thought
to be necessary or a good idea. But that was before the advent of junk
TLDs such as this one. I just looked at the GUI page and it's not easy
to extend that form field, as the regular expression for that checks for
valid domains, so there has to be at least one dot in it. It doesn't
accept wildcards, so *.icu won't work. I can't extend this regular
expression to accept wildcards, as we use it elsewhere in places where we
absolutely cannot accept wildcards.

If we add GUI support for this, then it would need to be a separate form
field like "Block Emails from these TLDs".

But maybe you're looking at it from the wrong end. You say your maillog
is full of these. Are these *.icu emails inbound or outbound emails?

If these are outbound, then this would indicate a problem on your
server. Like a compromised user account used for spamming or an abused
script.


If you want to manually add a block for *.icu, you can do this:

Edit /etc/mail/access and put this line into it:

icu	550 Mail rejected from junk TLD

Between "icu" and "550" aren't 3-4 spaces. That's a single TAB
(tabulator key).

Save the changes and then run this command:

cd /etc/mail
make all

That will put that change into effect.

-- 
With best regards

Michael Stauber
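
The manual steps above as a repeatable shell helper. This is an added example, not part of the original post and not BlueOnyx code; the function names has_tld_block and add_tld_block are hypothetical. It refuses anything that is not a bare TLD label, writes a real TAB between key and value, and does nothing if the key is already present:

```shell
#!/bin/sh
# Added example: idempotently add a TLD reject entry to a sendmail access file.
# has_tld_block and add_tld_block are hypothetical helper names.

# has_tld_block FILE TLD -> exit 0 if FILE already has a line keyed on TLD.
has_tld_block() {
    [ -f "$1" ] || return 1
    # The key is the first whitespace-separated field of a line.
    awk -v k="$2" '$1 == k { found = 1 } END { exit !found }' "$1"
}

# add_tld_block FILE TLD [MESSAGE]
add_tld_block() {
    file=$1
    tld=$2
    msg=${3:-Mail rejected from junk TLD}
    # Accept only a bare label: no dots, no wildcards, no whitespace.
    case $tld in
        ''|*[!a-z0-9-]*) echo "invalid TLD: $tld" >&2; return 2 ;;
    esac
    if has_tld_block "$file" "$tld"; then
        return 0    # already present, leave the file untouched
    fi
    # Keep a copy of the previous file so the change can be reverted.
    if [ -f "$file" ]; then
        cp -p "$file" "$file.bak"
    fi
    # The \t in the printf format writes a real TAB between key and value.
    printf '%s\t550 %s\n' "$tld" "$msg" >> "$file"
}

# Usage, as root:
#   add_tld_block /etc/mail/access icu
# then rebuild the map from /etc/mail (cd /etc/mail && make all).
```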


