![](https://seccdn.libravatar.org/avatar/4505047963344fccd4c57e90ca1b4ec2.jpg?s=120&d=mm&r=g)
From: "Theo v. Werkhoven"
Thu, 23 Feb 2006, by drankin@cox-internet.com:
Sandy, List:
I need a little more help with syntax in my /etc/postfix/recipient_check file. I have several domains resolving to my IP. I am rejecting certain common system names using the /etc/postfix/recipient_check scheme Sandy suggested when my server was getting bombarded a while back. It works great. But as I need to block more and more of these accounts, I have to make multiple entries for each domain that points to my server. Is there any syntax I could use in the file that would reject mail for all domains, say for support@domain without having to specifically list support@domain1, support@domain2, etc... in the recipient_check file? My current recipient_check file is:
[david@bonza ~]$ cat /etc/postfix/recipient_check sales@rankin-bertin.com REJECT assistance@rankin-bertin.com REJECT [..] Is there an easier way to do this??? I plan on adding all system accounts to the file.
Sorry for barging in, but that is absolutely the wrongest way possible to do this. If you don't want mail for a user, be it local or virtual, then just do not put the user in your aliases table, /etc/passdwd file, relay_recipient_maps, local_recipient_maps, virtual_aliases_maps etc and set unknown_local_recipient_reject_code = 550.
That way Postfix will tell all unknown users they're not welcome.
Do *not* use a catch-all, unless you're willing to deal with the torrents of spam arriving in your mailbox.
Don't forget that mail for certain accounts are mandatory to to receive, like abuse and postmaster.
Theo
Thanks Theo, that is good information. And, I appologize, I didn't really mean "all system accounts." The problem is those creative spammers are beginning to send spam to users like uucp@rankin-bertin.com, etc... What I am looking for is a way to have postfix reject mail sent to these accounts with 550. My current setup is this: [root@bonza david]# postconf -n <snip> mydestination = $myhostname, localhost.$mydomain, $mydomain, rankin-bertin.com, guillorylaw.com, rankinlawfirm.com, drrankin.com myorigin = $mydomain <snip> smtpd_hard_error_limit = 3 smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access hash:/etc/postfix/recipient_check unknown_local_recipient_reject_code = 550 with [david@bonza ~]$ cat /etc/postfix/recipient_check uucp@rankin-bertin.com REJECT uucp@guillorylaw.com REJECT uucp@rankinlawfirm.com REJECT uucp@drrankin.com REJECT How are you guys handling/rejecting mail sent to these type of systmem accounts? I like Per's pcre approach, that at least cuts down on typing. Is this the right approach for what it is I'm trying to do?? -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com --