Source IP Address Ruleset / Allowing Mail From Specific Source Only
Cameron B. Prince
cplists at princeinternet.com
Wed Feb 23 14:43:41 GMT 2011
Hello fellow MailScanner users,
I've been using MailScanner for over 6 years now and it continues to provide
a good service for my clients. I now have a few clients that want to pay for
what they hope is even better spam filtering services provided by external,
third-party filtering companies. This is okay with me because these domains
get an extremely high volume of spam and really tax the servers.
We have configured one client's MX record to route all the mail for their
domain to one of these companies. There the mail is filtered and then clean
mail is routed back to our server to be stored in the client's mailboxes.
This is working well, but we have spammers with cached MX records making an
end-run around the new filter by continuing to send mail directly to our
server.
To solve this, I'm hoping it would it be possible to set up something like a
ruleset such as:
To: domain.com xxx.xxx.xxx.xxx
The idea being that the source address of the MX connection is checked and
compared with the ruleset. Then if the IP address matches mail is allowed
and if not, it's blocked.
I'm certainly open to other suggestions, but this seems like an elegant
solution and a nice feature for MailScanner.
There have been suggestions of using IP tables but since our mail servers
receive mail for many different domains, we can't simply block everything
except the filtering company.
I look forward to your thoughts and ideas.
Thanks,
Cameron
More information about the MailScanner
mailing list