I want to block specific IP's, that try to login to my postfix server by smtpd. Therefore in the /etc/postfix/main.cf I added the following:
smtpd_client_restrictions =
reject_rbl_client sbl.spamhaus.org,
...
check_client_access hash:/etc/postfix/blacklist
My /etc/postfix/blacklist looks like that:
185.40.4.32 REJECT dont want spammers
80.82.78.96 REJECT dont want spammers
74.208.72.135 REJECT dont want spammers
Of course I created a /etc/postfix/blacklist.db by the command
sudo postmap /etc/postfix/blacklist
and restartet postfix.
But in /var/log/mail.log still the following appears:
Aug 28 13:32:08 server postfix/smtpd[5035]: warning: hostname hosted-by.hostgrad.ru does not resolve to address 185.40.4.32
Aug 28 13:32:08 server postfix/smtpd[5035]: connect from unknown[185.40.4.32]
Aug 28 13:32:13 server postfix/smtpd[5035]: warning: unknown[185.40.4.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug 28 13:32:13 server postfix/smtpd[5035]: lost connection after AUTH from unknown[185.40.4.32]
Aug 28 13:32:13 server postfix/smtpd[5035]: disconnect from unknown[185.40.4.32]
So obviously the client with the IP 185.40.4.32 still is not blocked. Does anybody have an idea, why?
With...
smtpd_delay_reject = no
it works. But think about this:
SMTP command specific restrictions that are described under the smtpd_helo_restrictions, smtpd_sender_restrictions or smtpd_recipient_restrictions parameters. When helo, sender or recipient restrictions are listed under smtpd_client_restrictions, they have effect only with "smtpd_delay_reject = yes", so that $smtpd_client_restrictions is evaluated at the time of the RCPT TO command.