Create a file called sender_checks, under /opt/insight/etc/postfix/ and use the following example to craft your rules:
# This file must be "compiled" with "postmap"
# Using a domain name example.tld 554 Spam not tolerated here
# Maybe example2.tld is on a DNSbl, but we want to let their # email in anyway. example2.tld OK
# We get lots of spam from example3.tld, but we have somebody # there from which we do want to hear someuser@example3.tld OK example3.tld REJECT
Save the file and compile it into a Postfix database like this: # /opt/insight/sbin/postmap /opt/insight/etc/postfix/sender_checks
Log in to the server web interface as manager. Click Configuration->Services->Postfix, and scroll down to the UCE section. Locate the option "smtpd_recipient_restrictions". Add the following to the beginning of the comma separated list of values there:
Update the configuration and restart Postfix. You'll need to recompile with postmap and restart Postfix anytime the list changes.
UPDATE:
You can also use regular expressions to block entire root-level domains. You may decide that your business has no legitimate reason to receive email from Russia or Taiwan. Create regular expression rules in a new file called sender_checks_regex:
/^.*\.ru/ REJECT /^.*\.tw/ REJECT
Save it in /opt/insight/etc/postfix as above, but don't use postmap to compile it. Add it to the Postfix configuration as above, but use "regexp:/opt/insight/etc/postfix/sender_checks_regex" instead.
