Back to Community Threads
3
Blocking top level domains
Problem reported by Jerry Kuntz - 6/27/2016 at 6:42 AM
Submitted
Over the weekend, we were hammered by spam from .top and .gdn top level domains. I have tried putting a SMTP Block on plain ".top" but still see mail from those domains coming in to the spooler. Is there a more effective method within SM to block top level domains? (the IP ranges and individual .top domain names change constantly).
 
Jerry Kuntz
Ramapo Catskill Library System

3 Replies

Reply to Thread
2
Matthew Leyda Replied
6/27/2016 at 8:15 AM
Jerry,
Try using the following for your Custom Rules to score email from the TLD's you want to block.
Not the cleanest way, but until SM builds something in its the best we could find.
Example 1: (Meant to block TLD; From *.accountant)
    Rule Source: Header
    Header: From
    Rule Type: Regular Expression
    Rule Text: .+\.accountant>$
    Weight: 20
Example 2: (Meant to block TLD, Reply-To *.accountant)
    Rule Source: Header
    Header: Reply-To
    Rule Type: Regular Expression
    Rule Text: .+\.accountant>$
    Weight: 20
Example 3: (Meant to block TLD, Return-Path *.accountant)
    Rule Source: Header
    Header: Return-Path
    Rule Type: Regular Expression
    Rule Text: .+\.accountant>$
    Weight: 20

Here's a list of the TLDs we are blocking.  Note the format:
DOT  PLUSSIGN  BACKSLASH   DOT DOMAINTLD  GREATERTHAN DOLLARSIGN
.+\.accountant>$
.+\.bid>$
.+\.br>$
.+\.cf>$
.+\.click>$
.+\.club>$
.+\.cricket>$
.+\.date>$
.+\.download>$
.+\.eu>$
.+\.faith>$
.+\.fr>$
.+\.ga>$
.+\.gq>$
.+\.in>$
.+\.link>$
.+\.lol>$
.+\.ml>$
.+\.ninja>$
.+\.party>$
.+\.pw>$
.+\.racing>$
.+\.review>$
.+\.rocks>$
.+\.rs>$
.+\.science>$
.+\.space>$
.+\.tk>$
.+\.top>$
.+\.tr>$
.+\.trade>$
.+\.wang>$
.+\.webcam>$
.+\.website>$
.+\.win>$
.+\.work>$
.+\.xyz>$
Kendra Support http://www.kendra.com support@kendra.com 425-397-7911 Junk Email filtered ISP
0
Neil Colvin Replied
7/13/2016 at 8:23 AM
.xyz is now being used by Google for many of their administrative and other emails. Blocking it is not a good idea.
0
Jim Rosemary Replied
4/19/2017 at 6:46 PM
That works fine at the server/admin level. Is there any way for individual users or domain admins to use regular expressions in their filters? For example, one user wants to block all mail from the TLD ".us". But when he set up a filter to block domains containing "*.us", he could no longer receive mail from "usbank.com". A regular expression would allow the criteria to specify that the domain has to end in ".us"
Jim Rosemary New Tech Web, Inc.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

554 Error - MTA Poor Reputation FixesSmarterMail > Troubleshooting
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Configure URL Rewriting for Autodiscover on LinuxSmarterMail > Server Configuration and Management
Troubleshooting SmarterMail Automatic SSL CertificatesSmarterMail > Troubleshooting
Find a Compromised AccountSmarterMail > Troubleshooting