Best way to block one domain from connecting ?

[liverpoolfcfan]

Every day there is at least one attempt from a dynamic IP address at hinet.net to relay email through my mail server.

Is it worth my while blocking this completely ?

And if it is, how do I go about it ?

Note: all our domain mail is delivered via an offsite mail sanitiser - so 99% of it comes from a single IP address. The other legitimate server connecting are our own off site servers. So if it easier to specifically allow just a few networks - rather than to specifically block just a few networks - I would be happy to do it that way too.

Thanks in advance.

[gettyless]

I guess you can make use of smtpd_sender_restrictions or smtpd_recipient_restrictions:

Postfix Configuration Parameters
Postfix Configuration Parameters

Also check out the related zimbra wiki page:
Domain level blocking of users - Zimbra :: Wiki

Or, I've not tried it with your specific situation, but can't you get away with blocking it off at the firewall level like with iptables?

[uxbod]

As a alternative install Welcome to the Home of OSSEC and allow it to use Active Response on your Zimbra server. That way if a host attempts to relay and it is not allowed then a IP tables rule will automatically be created.