Source IP Address Ruleset / Allowing Mail From Specific Source Only

Markus Nilsson markus at
Wed Feb 23 15:03:46 GMT 2011

> From: "Cameron B. Prince" <cplists at>

> This is working well, but we have spammers with cached MX records
> making an
> end-run around the new filter by continuing to send mail directly to
> our
> server.
> To solve this, I'm hoping it would it be possible to set up something
> like a
> ruleset such as:
> To:
> The idea being that the source address of the MX connection is checked
> and
> compared with the ruleset. Then if the IP address matches mail is
> allowed
> and if not, it's blocked.
> I'm certainly open to other suggestions, but this seems like an
> elegant
> solution and a nice feature for MailScanner.
> There have been suggestions of using IP tables but since our mail
> servers
> receive mail for many different domains, we can't simply block
> everything
> except the filtering company.
> I look forward to your thoughts and ideas.
> Thanks,
> Cameron

Sounds like a job for SpamAssassin! (something like the below)

header __TO To =~ /^address at domain$/
header __FROM Received =~ /\[\]/
meta RULE (__TO - __FROM) >= 1 
score RULE 10
describe RULE Mail coming from wrong IP


This message has been scanned for viruses and dangerous content by CronLab
(, and is believed to be clean.

More information about the MailScanner mailing list