May 292011
 

If you intend to be able to reject connections from remote IP addresses if they’re from certain countries. This is how you do it. This method will reject ip address that has been mapped in GeoIP at smtp conversation stage. However, This tutorial has never been tested. nothing more than a prototype that i created in leisure time.

Software required:

  • postfix (tcp_table)
  • Perl
  • Perl Geo::IP module

main.cf:

127.0.0.1:2528_time_limit = 3600s
smtpd_client_restrictions =
	check_client_access tcp:[127.0.0.1]:2528

master.cf

127.0.0.1:2528 inet  n       n       n       -       0      spawn
	user=nobody argv=/etc/postfix/geo-reject.pl

Continue reading »