Ascar There’s probably a better way to do this. From the UI, go to logs/postfix. I search (individually) for 3 keys.
I’ll then get something like
NOQUEUE: reject: RCPT from mail-oi1-f195.google.com[209.85.167.195]: 550 5.7.1 <target@domain.com>: Recipient address rejected: The email account that you tried to reach does not exist.; from=<17694@nkpr.ac.th> to=<target@domain.com> proto=ESMTP helo=<mail-oi1-f195.google.com>
Where target@domain.com is one of the burned addresses configured for blocking in a postfix block list. There’s also target1, target2, target3…targetn@domain.com. These addresses receive 99.9% spam and will likely never receive valid content. No point in wasting system resources to process them further.
Each entity I correspond with gets a unique email address so it’s easy to see who’s leaked or where it was stolen from. Then just blacklist at postfix level. As most of these are coming from google, im surprised their system doesn’t flag these given they’re all rejected with 571 error.