Blocking by country code or .tld possible?

A

Allen15

New Member
Jun 28, 2010
28
0
1
Hello.

Lately we've seen a major increase in spam specifically from the tld of .eu, and Microsoft hasn't seen fit to add that country code to their tld blocking yet (as of Exchange 2010), so I'm shopping for a spam filter for the mail server.

I can't find anything via search that specifically mentions anyone blocking an entire country code with this product, so I ask, is it possible to do? FWIW, I've been happily using Proxmox VE for years, but I've never tried using the Mail Gateway product (yet). I've read through the documentation posted on the web, and it either doesn't mention that topic at all, or is far too general to indicate if such is an option.

Can anyone tell me if they are actually (successfully or not) blocking any tld, and is .eu available to be blocked?

Thanks
 
blocking email just because of a domain ending is not recommended and not really needed. but yes, this can be done via the rule system (using regular expressions).

best way to see if the mail gateway is helping you - test it within your environment for 30 days - which is free and fully supported by our team (Support via https://my.proxmox.com)
 
I took a poll of all of the employees at a few companies affected by this same growth in spam, and NOBODY knows of anyone who has a legitimate email address that ends in the tld of .eu

Currently something like 56% of the spam I'm seeing each month comes from a fictitious email address ending in .eu, so as far as we're concerned, yes, we're ready to block it completely with no regrets. IFF anyone should wish to communicate with me and they have a valid email address ending in .eu, they'll just have to pick up a telephone and call me first, before I'll believe it is legitimate. The European Union is on the other side of the planet from where me and most of my customers are, and we just don't get much call to have to get email from that side of the world AND from a generic tld.

As an IT Consultant, I've got customers with legitimate contacts from .co.uk, .co.es, .ru, .de and many others in europe, but nobody we've (ever) had to care about or for that matter, even know about, has a .eu email address. As far as we're concerned, it could be completely shut down and we'd never miss it (or the spam).

Microsoft's lack of inclusion of that as a tld in the optional block list has paved the way for many spammers to forge email from that tld, because it is harder to block with the included spam filters. I can't really afford to wait for Microsoft to update, as they likely would have already done so, if they really felt it was urgent, but I do get blamed for lost productivity when key employees are spending too much time sifting through garbage to get to real email, so I have to do something.

Out of curiosity, do you know of anyone who has a legitimate email domain that ends with .eu?
 
I have a customer, company of over 100 people, who have a .eu email domain. They are very legitimate and work with a number of fortune 500 companies.

Blocking email by tld is the wrong way to go. I doubt if MS will ever block .eu
 
Last edited:
They (Microsoft) don't have to block it, but for those who would benefit from such, it would be very nice to allow them the option. Just like it has already been an option to block a long list of country codes, including .de...

In any event, it is refreshing to hear that someone is getting some legitimate use from the .eu tld. Thanks for the ray of sunshine :).

I have 2 nearly opposite cases, where one, an accounting firm, already has their Microsoft Domain Controller (running SBS 2011) virtualized on Proxmox, and would most easily be able to add another container to run the mail gateway, but they're too cheap to be willing to pay the subscription fee. They just want to completely block any garbage that isn't from either the government or local (Chicago metro area) customers or potential customers (still local). The principal accountant even blocks or rejects any social media contacts when possible for anyone not in the local area, as they are "not likely to turn into any actual business for the firm". They'd be the easiest to switch over to running the mail gateway, but I haven't yet been able to get them to see the value in buying it.

Another case is a manufacturing company who already does have international business customers and would like to grow more in that area, but currently their sales and engineering staff are heavily burdened with spam from mostly .eu (& probably forged) email addresses. They don't have any of their servers virtualized, so adding a mail gateway will mean another box in the server room at minimum. They are also the most likely to see enough value in the mail gateway to be happy to pay the subscription fees to keep the service running, but it will be a much higher hurdle to get another box to add to the server room. They are running SBS 2008 R1, so it is my hope that their next server will be virtualized, because they aren't even close to utilizing the full capacity of any of their individual server hardware platforms.

The office manager also doubles as their web developer, and I've started exposing her to the joys of Proxmox VE, so the seeds have been sown - I set up a Proxmox server for her to play with at her house to do outside web development, and I think she's addicted now :). The company president and the lead engineer have also started to take notice about my discussing virtualizing various server functions, as they are approaching a cooling problem in their server room, and I think the lead engineer has some ideas for future sandbox testing that virtualization would work more easily with... Either way, it will probably be a few months or more before I could possibly convert them over to Proxmox VE or the mail gateway product.

If Proxmox Mail Gateway can tell the difference between junk mail from .eu and real mail from .eu without blocking the .eu tld completely, I'm all for it, but I'm still at the service of my customers, and I can only guide them, I can't force them to choose any particular path.
 
Last edited:
I use a regular expression to block tld's. This is the expression I use. I agree this is bad in practice but I have had issues with proxmox and getting a lot of spam through. I currently have a ticket opened with the support to try to get this resolved.

Code: 
.+\.(link|click|xyz)


Allen15 said:
Hello.

Lately we've seen a major increase in spam specifically from the tld of .eu, and Microsoft hasn't seen fit to add that country code to their tld blocking yet (as of Exchange 2010), so I'm shopping for a spam filter for the mail server.

I can't find anything via search that specifically mentions anyone blocking an entire country code with this product, so I ask, is it possible to do? FWIW, I've been happily using Proxmox VE for years, but I've never tried using the Mail Gateway product (yet). I've read through the documentation posted on the web, and it either doesn't mention that topic at all, or is far too general to indicate if such is an option.

Can anyone tell me if they are actually (successfully or not) blocking any tld, and is .eu available to be blocked?

Thanks
Click to expand...
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back