
How to "drop" mails instead of "reject" in MTA mode

Hi all!

This is a follow-up to a question I posted 7 months ago - and didn't write back (sorry!).

 How to "drop" mails instead of "reject" 

This is still not resolved, so I ask again:

************

We have an XGS 2300 with SFOS v20 deployed and we use it as our SMTP proxy.

We get a lot of mails from "spameri @ tiscali.it" which are rightfully rejected. Now, I would like to set up a rule to really DROP those mails instead of (only) REJECTING them. How can this be done? I already blocked the sender under "General settings" but it makes no difference.

************

The one answer I got for this was a KBA article for the SMTP legacy mode. We use the (new) MTA mode instead. So, how can this be achieved?

Thanks a lot for all contributions!

Best regards,

  Markus



Added TAGs
[edited by: Erick Jan at 10:40 AM (GMT -7) on 19 Sep 2024]
  • What is your general issue? 
    Because rejecting is something the MTA can do during SMTP transmission. 

    If you want to "drop" this: 
    Try to build an ACL rule from this sender IP and reject it. 


  • Ah yes, that's the idea!

    The reason I want to do this is: As far as I know, with a "reject" the firewall sends an answer to the sender whereas a "drop" is silent. I think this is a security benefit because the potential attacker doesn't even know if their mail reached its target. Or am I mistaken?


    Mhm, I just tried to create an ACL rule. But it seems I can't add an email address, only a network. Am I looking at the wrong place?

    EDIT

    Ah sorry, I didn't read that you already wrote "add IP address of sender". Mhm, so it's not possible to add a mail address?
