[SOLVED] Specify Blacklist / Blocking Options

[kransom]

I want to specify how to block a sender (incoming mail) based on the domain. Is there a combination of objects and rules to achieve this?
I added an email in my Blacklist who object wanting to reject all emails coming from 'sender' to kransom@domain1, but this also blocks that sender from getting through to other domains on postfix e.g. domain2.

What I'd like:
*block*
sender@example.com > kransom@domain1.com
*accept*
sender@example.com > kransom@domain2.com

 

[Stoiko Ivanov]

If I understand your question correctly this should be pretty straight forward:
* create one rule with higher priority, a from object with 'sender@example.com' a to object with 'kransom@domain1.com', an action block
* remove 'sender@example.com' from the Blacklist Who object.

 

[kransom]

If I understand your question correctly this should be pretty straight forward:
* create one rule with higher priority, a from object with 'sender@example.com' a to object with 'kransom@domain1.com', an action block
* remove 'sender@example.com' from the Blacklist Who object.

I was able to get this to work. Thank you.
But I am having another issue.

I have 3 who objects
1. 'from blacklist' blocking a domain (let's say example.edu)
2. 'from whitelist' permitting an email address from that domain (someone@example.edu)
3. 'test to' with a domain called 'mydomain.org'

I created 2 rules under Mail Filter
1. 'accept'
- action object > Accept
- from > 'from whitelist'
- to > 'test to'
- priority 100

2. 'deny'
- action object > block
- from > 'from blacklist'
- to > 'test to'
- priority 90

With this configuration. This allow emails from someone@example.edu and block other emails from whatever@example.edu (or *@example.edu), but it is blocking someone@example.edu every time.

 

[Stoiko Ivanov]

This sounds odd - as the described rules should allow someone@example.edu -> mydomain.org
* make sure you have the direction of the rule correct (in&Out if in doubt)
* make sure that the rules are both active

If this does not help - please post the logs of such a mail - then we might be able to say more.

 

[kransom]

After adjusting in&out and rechecking configuration, seems like it is working as expected.

Another question. So I have multiple domains that I want to do this for similar to example.edu. (e.g. one.edu, two.edu, three.edu etc.)
Each of these domains have their own set of emails, networks, ip addrs, and domains that are whitelisted and blacklisted from my previous mail spam filter (I am testing currently to migrate over in the coming weeks).

It seems like I would have to create 2 rules under mail filter (one for rejecting and one for accepting) and 3 who objects (one to define the domain, the 'to', one to define the whitelist for the 'to' domain, and one more to define the blacklist for the 'to' domain). Is there a better way of doing this, or does this sound about right?

 

[Stoiko Ivanov]

It seems like I would have to create 2 rules under mail filter (one for rejecting and one for accepting) and 3 who objects (one to define the domain, the 'to', one to define the whitelist for the 'to' domain, and one more to define the blacklist for the 'to' domain). Is there a better way of doing this, or does this sound about right?

sounds about right to me - but as usual - just test it and keep an eye on the logs!