Blocking top-level domains

[Tracy Greggs]

How about hosts.deny

 

Tracy

 

 

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Bryan
Laurila
Sent: Friday, July 18, 2014 12:47 PM
To: mailscanner at lists.mailscanner.info
Subject: Blocking top-level domains

 

I had an interesting situation creep up on me this week where I thought that
something was happening (or being processed) in MailScanner/SpamAssassin but
apparently it was not.

I have two mail relay scanners running MailScanner & SpamAssassin on Suse
Linux.  These boxes scan incoming mail for spam & viruses and then relay to
my MS Exchange server.  I had an influx of spam this week coming in from
several top-level domains that we wouldn't normally receive any valid emails
from anyway, like .eu, .in, .asia, .club, etc.  

Upon investigating the situation I found that the Trend Micro Scan Mail
service on my Exchange server crashed which lead me to the discovery that
MailScanner & SpamAssassin weren't filtering mail from these unwanted top
level domains as I thought and all that work was being done by my exchange
server.

So, the question of the day is.  Where is the best place to turn on
filtering or set a rule somehow to filter unwanted top-level domains at the
MailScanner/SpamAssassin servers?

Like all things in IT there are probably multiple ways of doing this so I am
curious as to what others are doing.  All thoughts & comments are welcome.

Thanks!

Bryan S. Laurila

Senior Network Support Analyst

Dickinson County Healthcare System

1721 South Stephenson Avenue

Iron Mountain, Michigan 49801

"Life begins at the end of your comfort zone!"


-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 

 

Confidentiality Notice: 

This e-mail communication and any attachments may contain confidential and
privileged information for the use of the designated recipients named above.
If you are not the intended recipient, you are hereby notified that you have
received this communication in error and that any review, disclosure,
dissemination, distribution or copying of it or its contents is prohibited.
As required by federal and state laws, you need to hold this information as
privileged and confidential. 

This message may contain Protected Health Information (PHI).  PHI is
personal and sensitive information related to a person's health care.  It is
being emailed to you after appropriate authorization from the patient or
under circumstances that do not require patient authorization.  You, the
recipient, are obligated to maintain it in a safe, secure and confidential
manner.  Re-disclosure without additional patient consent or as permitted by
law is prohibited.  Unauthorized re-disclosure or failure to maintain
confidentiality could subject you to penalties described in federal and
state law. 

If you are not the intended recipient, or the employee or agent responsible
to deliver it to the intended recipient, you are hereby notified that any
disclosure, copying or distribution of this information is Strictly
Prohibited.  If you have received this communication in error, please notify
the sender and destroy all copies of this communication and any attachments.


Dickinson County Healthcare System, 1721 S. Stephenson Ave. Iron Mountain,
MI 49801, www.dchs.org 
-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140718/f44997fb/attachment.html