4
Block spam based on Reverse DNS lookup
Question asked by kevind - 1/25/2018 at 6:52 PM
Unanswered
OK, here's a question for all the spam experts out there.  How can I block during SMTP (or add spam points) for connecting IPs that contain a specified string in the reverse DNS (PTR) record.
 
For example, I want block SMTP connections where the PTR record contains "unifiedspammer.com" as in 162-144-49-8.unifiedspammer.com [162.144.49.8].  Adding spam points instead would be fine as long as they would count toward SMTP blocking.
 
Thanks!

6 Replies

Reply to Thread
0
echoDreamz Replied
There is no way to do it based on the PTR value, however at the content level you can do a custom rule value for the Received header contains unifiedspammer.com.
0
echoDreamz Replied
Under the server spam checks, create a new custom rule for Header, the header Received contains unifiedspammer.com, give it your weight etc.
0
echoDreamz Replied
I really wish ST would open up an API or something for us professional devs to create custom .net libraries that follow some interface to do custom lookups and return results etc. Though I know this complicates issues as well as opens SmarterMail up to crappy developers that cannot write thread safe code and other issues that could negatively impact SmarterMail.
0
Emmet McGovern Replied
You just described the entire wordpress ecosystem.
0
kevind Replied
Appreciate the reply! Good tip and will use it for scoring, but I'm guessing it's too late for SMTP blocking. Would really like to keep from even accepting the message due to the enormous amount of spam from these guys.

Will just have to resort to maintaining a list of IPs to block, until SM comes through with FCrDNS which would also block this spammer.

FCrDNS now up to 20 votes!
https://portal.smartertools.com/community/a88965/reverse-dns-check-improvements.aspx

0
echoDreamz Replied
Yep, just like this, there will be some great devs out there that can handle this and of course, some not so great devs :)

Reply to Thread