Submitted by masterg0g0 on Sun, 09/16/2018 - 14:52 Pro Licensee
Hello,
need some help to ban some emails being sent to my server.
- There is a domain which i want to block recieving emails to my server. how could i do this properly from an admin point of view.
- If a particular user email id on my server is recieving spam, how could this user ban the a particular domain emails to recieve emails from.. i have tried setting up the filter .. but apparently spam emails are still being recieved.
thanks
Status:
Active
Comments
Submitted by andreychek on Sun, 09/16/2018 - 15:28 Comment #1
Howdy -- thanks for contacting us!
Anytime I'm looking to blacklist all email from a given domain, I add a line like the following to my /etc/spamassassin/local.cf file:
blacklist_from *@domain.tld
And then restart SpamAssassin:
service spamassassin restart
Let us know if that does the trick!
Submitted by masterg0g0 on Sun, 09/16/2018 - 15:48 Pro Licensee Comment #2
And if there a way for a usermin user to add filter for an entire domain?
Submitted by masterg0g0 on Mon, 09/17/2018 - 06:17 Pro Licensee Comment #3
I have set the blacklist but i am still recieving emails ..
How can debug this to know how or from where are these emails sneaking in? log below
Sep 17 13:11:22 server2 postfix/local[19445]: D855CD0A7E: to=<info-inconsulting.tech@server2.interstellarconsulting.com>, orig_to=<info@inconsulting.tech>, relay=local, delay=1.3, delays=1.2/0.01/0/0.09, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
Sep 17 13:11:23 server2 postfix/local[19445]: D855CD0A7E: to=<info-inconsulting.tech@server2.interstellarconsulting.com>, orig_to=<info@inconsulting.tech>, relay=local, delay=1.4, delays=1.2/0.01/0/0.14, dsn=2.0.0, status=sent (forwarded as D489ED0A7F)
Submitted by andreychek on Mon, 09/17/2018 - 09:02 Comment #4
Can you share what your local.cf looks like now?
Also, just to verify, was SpamAssassin restarted?
Submitted by masterg0g0 on Mon, 09/17/2018 - 16:37 Pro Licensee Comment #5
Yes, i had applied the spamassasin settings.. and below is the config file now.
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################
# Add *****SPAM***** to the Subject header of spam e-mails
#
# rewrite_header Subject *****SPAM*****
# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
#
# report_safe 1
# Set which networks or hosts are considered 'trusted' by your mail
# server (i.e. not spammers)
#
# trusted_networks 212.17.35.
# Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock
# Set the threshold at which a message is considered spam (default: 5.0)
#
# required_score 5.0
# Use Bayesian classifier (default: 1)
#
# use_bayes 1
# Bayesian classifier auto-learning (default: 1)
#
# bayes_auto_learn 1
# Set headers which may provide inappropriate cues to the Bayesian
# classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status
# Whether to decode non- UTF-8 and non-ASCII textual parts and recode
# them to UTF-8 before the text is given over to rules processing.
#
# normalize_charset 1
# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST on
# shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on
# the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST on
# shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on
# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on
# and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99 spam
# shortcircuit BAYES_00 ham
endif # Mail::SpamAssassin::Plugin::Shortcircuit
blacklist_from *@qq.com
Submitted by andreychek on Mon, 09/17/2018 - 19:44 Comment #6
Hmm, just to rule this out as being the issue, could you try moving that line to above the "ifplugin Mail::SpamAssassin::Plugin::Shortcircuit" line in there?
I wouldn't have thought that would cause the issue, but everything else looks good.