postfix过滤动态IP地址的邮件服务器连接

方法如下,编辑/../etc/postfix/mail.cf文件,加入:
smtpd_sender_restrictions = check_sender_access regexp:/../etc/postfix/blackdynamiclist
保存,
建立/../etc/postfix/blackdynamiclist文件,内容为:
# IP
# /^10.10.1.2$/    REJECT UCE black-listed
# IP block
# /^10.10.1/      REJECT UCE black-listed
# exact domain
# /^example.com$/    REJECT UCE black-listed
# everything in a domain
# /example.com$/     REJECT UCE black-listed
# specific hosts
# /^uce-relay.example.com$/ REJECT UCE black-listed
/dynamic/  REJECT UCE black-listed
/static/  REJECT UCE black-listed
/dsl/  REJECT UCE black-listed
/.dns0755.net$/  REJECT UCE black-listed
/.kmip.net$/  REJECT UCE black-listed
/.bjs.cn$/  REJECT UCE black-listed
/.dipns.net$/  REJECT UCE black-listed
/.hns.cn$/  REJECT UCE black-listed
/.gicp.net$/  REJECT UCE black-listed
/.88ip.net$/  REJECT UCE black-listed
/.vicp.cc$/  REJECT UCE black-listed
/.ip88.net$/  REJECT UCE black-listed
/.tjs.cn$/  REJECT UCE black-listed
/.jxs.cn$/  REJECT UCE black-listed
/.5166.info$/  REJECT UCE black-listed
/.51vip.biz$/  REJECT UCE black-listed
/.dipns.com$/  REJECT UCE black-listed
/.sds.cn$/  REJECT UCE black-listed
/.rr.com$/  REJECT UCE black-listed
/.8800.org$/  REJECT UCE black-listed
/.cable.virginmedia.com$/  REJECT UCE black-listed
/.xicp.net$/  REJECT UCE black-listed
/.9966.org$/  REJECT UCE black-listed
保存,
“#”字符后是注释,要加新的特征可以参考其写法
之后运行:
postfix reload就可以了!
通过运行:
tail -f /var/log/maillog命令可以实时看到邮件的收发记录,经常会看到:
NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xx]: 554 5.7.1 <[email protected]>: Sender address rejected: UCE black-listed…的信息,感觉整个世界都清静了许多!