In the SMTP logs, I now see "Country Code : " - I never took notice of this before.

1) When was this put in ?

2) SmarterPeeps... HOW do you accomplish that ? What tool are you using to generate this ?  Is this something you built or is this a tool available to the public ?

We have pfBlocking on our firewall with Geo IP blocking and even though we have piles of countries blocked (CN, NL, TR, RU) - you can see they are still getting through, BUT, your SMTP here is properly identifying them.

I want some way to accurately block inbound traffic from a variety of places at our firewall level. I see this and I now think I can export a report to excel and run some queries to pull out IP's from countries I want to block, but wondering if we can just integrate that tool directly to our firewall instead of me doing a song and dance work around.

[2024.10.22] 00:10:00.833 [45.148.10.50][52383233] Country code: NL
[2024.10.22] 00:10:37.056 [45.148.10.50][20258366] Country code: NL
[2024.10.22] 00:13:05.243 [220.246.43.233][61278381] Country code: HK
[2024.10.22] 00:13:19.294 [178.70.243.35][54515413] Country code: RU
[2024.10.22] 00:13:56.060 [114.251.109.35][54996657] Country code: CN
[2024.10.22] 00:14:06.629 [87.120.218.157][11094627] Country code: IT
[2024.10.22] 00:14:09.054 [223.82.241.89][57627059] Country code: CN
[2024.10.22] 00:14:16.627 [78.154.31.59][32237079] Country code: BG
[2024.10.22] 00:14:54.550 [116.114.84.170][59080338] Country code: CN
[2024.10.22] 00:15:05.037 [5.11.164.165][62718108] Country code: TR
[2024.10.22] 00:16:54.490 [65.20.205.197][54067822] Country code: IQ
[2024.10.22] 00:17:01.872 [180.168.119.2][43875323] Country code: CN
[2024.10.22] 00:17:07.424 [82.19.12.103][50121484] Country code: GB
[2024.10.22] 00:17:14.049 [121.138.168.221][2614807] Country code: KR
[2024.10.22] 00:17:30.109 [121.202.201.109][43792550] Country code: HK