Is there a catchall mailfilter blacklist entry possible for all subdomains of a domain? Like @*.domain.com?
Are you using amavis or rspamd? And to clarify, you want subdomains blocked but not the top level domain?
I'm using amavis (for the time being, with plans to move to rspamd), and I wouldn't mind having the top domain blocked, too.
Old (?) tutorial. Read also comments: https://www.howtoforge.com/tutorial/how-to-block-email-from-certain-tld-in-ispconfig/
Conferring with previous notes, you can create a rule for an individual recipient which matches the Return-Path header to block by envelop sender address, and you can match the From header if that's what you want. It seems blocking by sender via the spamfilter blacklist is not an option currently (assuming my notes there are (still) accurate). This method uses postfix header checks, and could work to match the From header, and I supposed even authenticating username in Received headers from a portion of mail servers, but header checks don't have reliable/consistent access to the envelope sender. What I would do (ie. have done myself) in this situation is block them via custom rules in the spam filter. I've done that in spamassassin, eg. add to /etc/spamassassin/local.cf something like: Code: blacklist_from *@domain.com blacklist_from *@*.domain.com But these days I would (and have on all but one server) convert to rspamd and use the multimap module to block a list of sender domains. Another thing I've done at times is create a custom rbl to block domains in postfix. I still have that setup on ISPConfig systems via postscreen checking a local dns rbl, though you could do it in smtpd_sender_restrictions if you don't want to setup postscreen.
