This is very simple plugin for Postfix SMTP server to block access to service from IPs that are propagated by listed ASN (Autonomous system) numbers.
This script use ipinfo.io API with free account. If you run busy SMTP server, you may be required to buy paid plan.
I'm running small smtp server to host my personal emails. Since two months, my server is daily bombarded by connection from Spam Servers hosted by LayerHost and company doesn't reacted to any abuse notification. I know, that blocking entire network block belongs to hosting company may be drastic, but it works for me and may works for you.
/opt
directory.Debian/Ubuntu
sudo apt install -y curl jq
Red Hat/CentOs 7
sudo yum install -y curl jq
Red Hat/CentOs/Rocky Linux/AlmaLinux 8
sudo dnf install -y curl jq
asnblocker.sh
script.asn_list.txt
file.asnblocker unix - n n - 0 spawn
user=asnblocker argv=/opt/asnblocker/asnblocker.sh
smtpd_client_restrictions
:smtpd_client_restrictions =
...
check_policy_service unix:private/asnblocker
sudo adduser --quiet --system --group --no-create-home --home /nonexistent asnblocker
systemctl restart postfix
The easiest way to get AS number of network which you want to block is by using whois service:
whois ip_address |grep "^OriginAS:"
OriginAS: ASxxxxx
or you can use websites like https://who.is