Blocking by filter expression

This seems to have been working for a long time; we have .*@*.ru and many other root-level domains blocked. Nothing has changed in the config, but today we were spewing mail out to AOL, Hotmail, etc., and didn't get blacklisted, but our sender score dropped 20 points.

I see a lot of this coming from .ru today. When I look at the realtime list I see tons of mail from someone.ru FROM=<> TO=<someone@aol.com> and then recipient rejected, and apparently this was sending an NDR out to aol.com. In the Stats page I have EMPTY ADDRESS with @ 20 million records this month. I can't tell what has changed. I removed and re-added .ru, but they still seem to be getting processed, not just dropped (the verify tests and everything), which I don't think was occurring before.

Any ideas? We used to have block unknown sender/clients on, but many people had issues sending us mail, so we took that off last year. I turned it back on, which seems to block a lot of the .ru.

My first rule is Blacklist(98) /Anybody/Always/Anything/Block

Thanks
 
I always just assumed this was working for me. I turned on notify admin, and although I have seen about 100 connections from various .ru sites, I haven't received one notice. Maybe I just don't have it set right. This is set to 98 and is the top rule on my list. Mail is still getting to the verify receivers, which is how I happened to notice.

Regular Expression: .*@*.co
Regular Expression: .*@*.do
Regular Expression: .*@*.fr
Regular Expression: .*@*.hinet.net
Regular Expression: .*@*.hu
Regular Expression: .*@*.in
Regular Expression: .*@*.it
Regular Expression: .*@*.kr
Regular Expression: .*@*.ru
Regular Expression: .*@*.se
Regular Expression: .*@*.th

From: Blacklist
To: Anybody
When: Always
What: Anything
Action: Block, Notify Admin
 
The rule system triggers after successful SMTP connections. This means that only if the emails are accepted will they be passed to the rule system.

SMTP checks like Greylisting, SPF, Verify Receivers or 'block unknown sender/clients' trigger before the rule system.
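
Added example, not part of any post in this thread and not Proxmox code: a check of what the listed entry `.*@*.ru` matches when read as a regular expression, including the empty sender shown as FROM=<> above. Assumptions: Python's `re` stands in for the gateway's regex engine, both whole-address and substring matching are shown because the thread does not say which applies, and the `STRICT` pattern and all sample addresses are constructed for illustration.

```python
import re

# Pattern exactly as listed in the thread, and an escaped variant
# (STRICT is an added assumption, not a pattern from the thread).
LISTED = r".*@*.ru"      # "@*" = zero or more "@", "." = any character
STRICT = r".*@.*\.ru"    # literal "@", any domain labels, literal ".ru"

def matches(pattern, address, anchored=True):
    """Case-insensitive test of one sender address against one pattern.

    anchored=True  -> the whole address must match (fullmatch)
    anchored=False -> a match anywhere in the address is enough (search)
    """
    rx = re.compile(pattern, re.IGNORECASE)
    return bool(rx.fullmatch(address) if anchored else rx.search(address))

# Constructed sample envelope senders; "" is the null sender (FROM=<>).
SAMPLES = [
    "someone@mail.example.ru",   # intended target
    "someone@example.guru",      # different TLD that happens to end in "ru"
    "bruce@example.com",         # "ru" appears only in the local part
    "",                          # bounce / NDR sender
]

def report(pattern):
    """Map each sample address to (anchored result, unanchored result)."""
    return {a: (matches(pattern, a, True), matches(pattern, a, False))
            for a in SAMPLES}

if __name__ == "__main__":
    for pattern in (LISTED, STRICT):
        print(pattern)
        for addr, (full, sub) in report(pattern).items():
            print(f"  {addr or '<>':26} anchored={full!s:5} unanchored={sub}")
```

Under either matching mode the null sender matches neither pattern, so a sender-based blacklist entry cannot catch FROM=<> traffic.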
 
Hi people. I have a question. I need to block emails that have a specific word or phrases in the body of the message; do you know what the method is to do it? Does the PMG block by phrases or words that come within the body of the message? Does it have a specific syntax?
 
