SMTP blacklist entry not working

Hi,

In the current version of SM, I have a blacklist entry blocking SMTP traffic from 74.81.69.0 - 74.81.69.255 that I added on 11/1/14. Yesterday in the SMTP log file, I saw numerous successful connections from this range similar to:

[2014.11.10] 10:09:43 [74.81.69.226][24760659] rsp: 220 mail.webworldinc.com
[2014.11.10] 10:09:43 [74.81.69.226][24760659] connected at 11/10/2014 10:09:43 AM
[2014.11.10] 10:09:43 [74.81.69.226][24760659] cmd: EHLO right.thenewdeadline-updates.link
[2014.11.10] 10:09:43 [74.81.69.226][24760659] rsp: 250-mail.webworldinc.com Hello [74.81.69.226]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-STARTTLS250-8BITMIME250 OK
[2014.11.10] 10:09:43 [74.81.69.226][24760659] cmd: MAIL FROM:<SeeCareInform@right.thenewdeadline-updates.link> BODY=7BIT
[2014.11.10] 10:09:47 [74.81.69.226][24760659] rsp: 250 OK <seecareinform@right.thenewdeadline-updates.link> Sender ok
[2014.11.10] 10:09:47 [74.81.69.226][24760659] cmd: RCPT TO:<xxx@xxx.com>
[2014.11.10] 10:09:47 [74.81.69.226][24760659] rsp: 250 OK <xxx@xxx.com> Recipient ok
[2014.11.10] 10:09:48 [74.81.69.226][24760659] cmd: DATA
[2014.11.10] 10:09:48 [74.81.69.226][24760659] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2014.11.10] 10:09:50 [74.81.69.226][24760659] rsp: 250 OK
[2014.11.10] 10:09:50 [74.81.69.226][24760659] Data transfer succeeded, writing mail to 41891763.eml
[2014.11.10] 10:09:50 [74.81.69.226][24760659] cmd: QUIT

(Email address suppressed for privacy). I don't have these folks in any whitelist. Is there a potential explanation for this I'm overlooking?

--Ben

2 Replies

Reply to Thread