Fixing the fail2ban filter for Postfix unverified address / user unknown spam attacks

For whatever reason, the default postfix filter distributed with my fail2ban setup on Ubuntu was not triggering on "450 4.1.1 Recipient address rejected: unverified address: unknown user" errors in mail.log. The failregex line for it was in there, but it wasn’t hitting on the endless random dictionary-attack attempts from spammer servers across the world. This was annoying because, in...

Blocking garbage gTLDs with postfix header_checks

In looking at my Postfix mail.logs, I only see the new ICANN vanity gTLDs really generating garbage spam. There has been lots of press on the mess this is all causing. I got kind of sick of even dealing with that, so here are the header_checks lines I use to block them via Postfix, if you want to do that on your setup. There are a lot of articles on the internet for this, but here is what works for me. YMMV...

