Reject emails to specific email addresses with postfix

postfixzimbra

I want to reject any inbound email to compromised@example.com, an example more people would want this would be internal distribution groups/aliases.

I've tried header_checks without success:

zmlocalconfig -e postfix_header_checks="pcre:/opt/zimbra/conf/custom_header_checks"

contents of /opt/zimbra/conf/custom_header_checks

/^To:compromised@example.com/ REJECT Mailbox no longer valid

However I still do not get the rejection.

I also tried some of the configuration from Refuse to send email to specific recipients with Postfix since he had things configured in reverse which is what I'm looking for.

zmlocalconfig -e smtpd_recipient_restrictions=check_recipient_access hash:/opt/zimbra/conf/custom_recipient_blocklist

/opt/zimbra/conf/custom_recipient_blocklist

compromised@example.com/ REJECT

This also did not work as intended.

Best Answer

The issue was hash is not listed in postconf -m

Final configuration from per-address access controls

postconf -e smtpd_recipient_restrictions='reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_helo_hostname, reject_non_fqdn_sender, check_recipient_access lmdb:/opt/zimbra/conf/postfix_recipient_access, permit'

contents of /opt/zimbra/conf/postfix_recipient_access

compromised@example.com REJECT

rcpt to:compromised@example.com

554 5.7.1 : Recipient address rejected: Access denied

To make changes,

echo anotherguy@example.com reject >> /opt/zimbra/conf/postfix_recipient_access
postmap /opt/zimbra/conf/postfix_recipient_access
Related Topic