08-04-2015 09:00 AM
Hello,
Please need your help.
I'm having trouble with my email filter appliance that is receiving email from non valid domain, and because of my lake of knowledge about the product it self, I need advice how do I can stop this problem.
the test that I'm doing is:
############################################################
telnet mx1.mymailserver.com
220*****************************
HELO malange.com <non valid domain>
MAIL FROM: paca@kalandula.com <non valid address>
250 sender <paca@kalandula.coom> ok
RCPT TO: alcides@mymailserver.com
250 recipient <alcides@mymailserver.com> ok
DATA
353 go ahead
aaassddfdsnfdnf
.
250 ok: Message 4206071 accepted
QUIT
221
##########################################################
I want to stop this type of message to reach mailbox in our organization. need advice.
Best regards,
Alcides Miguel
Solved! Go to Solution.
08-04-2015 03:40 PM
Hello Alcides,
With invalid domains sending emails through, there is a feature called "Envelope Sender DNS verification" where it will do a DNS lookup on the domain portion of the mail-from and if there is no valid DNS records found, it will reject the mail-from attempt. If this feature matches your requirement you can enable this in your GUI > Mail Policies > HAT overview > Click on the mail flow policy (ACCEPTED etc.) that you would like to enable this for. Scroll down to the bottom and you will see Envelope Sender DNS verification and enable this.
output would look like:
EHLO test
220 ironport.lab.com ESMTP
250-ironport.lab.com
250-8BITMIME
250 SIZE 20971520
mail from:<matt@test.cooom>
553 #5.1.8 Domain of sender address <matt@test.cooom> does not exist
^]
Else if you want to drop emails from a specific domain you can run content filters to drop by the envelope sender if you do not wish to accept emails from it.
Regards,
Matthew
08-04-2015 03:40 PM
Hello Alcides,
With invalid domains sending emails through, there is a feature called "Envelope Sender DNS verification" where it will do a DNS lookup on the domain portion of the mail-from and if there is no valid DNS records found, it will reject the mail-from attempt. If this feature matches your requirement you can enable this in your GUI > Mail Policies > HAT overview > Click on the mail flow policy (ACCEPTED etc.) that you would like to enable this for. Scroll down to the bottom and you will see Envelope Sender DNS verification and enable this.
output would look like:
EHLO test
220 ironport.lab.com ESMTP
250-ironport.lab.com
250-8BITMIME
250 SIZE 20971520
mail from:<matt@test.cooom>
553 #5.1.8 Domain of sender address <matt@test.cooom> does not exist
^]
Else if you want to drop emails from a specific domain you can run content filters to drop by the envelope sender if you do not wish to accept emails from it.
Regards,
Matthew
08-05-2015 12:20 AM
Hi Matthew,
Thanks for your response I've this option enabled but is not working as expected.
Regards,
Alcides
08-05-2015 05:18 PM
Hello Alcides,
Please know that this feature will check the envelope sender domain for DNS records, if they have valid DNS records (but you feel they're not a legitimate domain) then the feature will not block the email.
To stop from specific domains you do not wish to receive from/to you will need to incorporate local filters to do this.
GUI > Mail Policies > Incoming Content Filters > Add a new filter
or
CLI > filters > new
Filtername:
if (mail-from =="(?i)(@domain1.com|@domain2.com)")
{
drop();
}
.
Regards,
Matthew
08-11-2015 02:22 AM
Hello Mathew,
Thanks for your attention. the solution worked as expected.
regards,
Alcides
08-11-2015 09:08 PM
Hello Alcides,
Fantastic :)
Regards,
Matthew
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide