3
Is there a way, at the server level, to block all email from a specific TLD for instance *@*.bar
Question asked by Michael Gillespie - 8/11/2021 at 8:15 AM
Answered
Been seeing a lot of "Once a squirter...." email all coming from *@*.bar and while it is obviously spam, it is not being caught.  Currently have the trial versions of Message Sniffer  and Cyren Premium Antispam enabled and while I am seeing a lot of possible spam coming through, these are not being blocked and I don't want each user to have to block each different sender.

3 Replies

Reply to Thread
1
Tony Scholz Replied
Employee Post Marked As Answer
Hello Michael, 

Yes, If you wish to block all incoming messages from *.TLD you can add this to the SMTP block list


In the SMTP session, you will see this

Connecting to mail server.
Connected.
220 ascholz.local
EHLO ascholz
250-sup-ascholz.st.local Hello [10.1.9.0]
250-SIZE 139810133
250-AUTH LOGIN CRAM-MD5
250-8BITMIME
250-DSN
250 OK
RSET
250 OK
MAIL FROM: <tony@domain.com>
550 Sender is not allowed.

Error: SMTP protocol error. 550 Sender is not allowed..
Failed to send message
And in the server SMTP logs you will see this

[2021.08.11] 09:02:12.883 [10.1.9.0][40218278] rsp: 220 ascholz.local
[2021.08.11] 09:02:12.899 [10.1.9.0][40218278] connected at 8/11/2021 9:02:12 AM
[2021.08.11] 09:02:12.930 [10.1.9.0][40218278] Country code: Unknown
[2021.08.11] 09:02:12.946 [10.1.9.0][40218278] cmd: EHLO sup-ascholz
[2021.08.11] 09:02:12.946 [10.1.9.0][40218278] rsp: 250-ascholz.local Hello [10.1.9.0]250-SIZE 139810133250-AUTH LOGIN CRAM-MD5250-8BITMIME250-DSN250 OK
[2021.08.11] 09:02:13.055 [10.1.9.0][40218278] cmd: RSET
[2021.08.11] 09:02:13.055 [10.1.9.0][40218278] rsp: 250 OK
[2021.08.11] 09:02:13.055 [10.1.9.0][40218278] cmd: MAIL FROM: <tony@domain.com>
[2021.08.11] 09:02:13.071 [10.1.9.0][40218278] senderEmail(1): tony@domain.com parsed using: <tony@domain.com>
[2021.08.11] 09:02:13.086 [10.1.9.130][40218278] rsp: 550 Sender is not allowed.
[2021.08.11] 09:02:13.086 [10.1.9.130][40218278] disconnected at 8/11/2021 9:02:13 AM

Here is a better shot of the SMTP BLOCK



I  hope this helps. 

Tony Scholz
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Michael Gillespie Replied
Thanks for the help, easy enough to add the rule.
0
Hasham Wahaib Replied
Is it Possible to Add Multiple Domains in one entry ?

Reply to Thread