Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 2782 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to block if sender domain does not exist?

twister5800
Hi,

Is it possble to set up the UTM to block non existant domains?


This thread was automatically locked due to age.
  • 0
    Sender Address Verification is disabled in the SMTP Proxy, and there's no way to change that in WebAdmin.

    'Strict rDNS' should fail if the domain does not exist.

    179.214.85.209.in-addr.arpa -> mail-ob0-f179.google.com
    and
    mail-ob0-f179.google.com -> 209.85.214.179


    The Russian Mafia and the Chinese military have stealth name servers that can be used to create a fake domain.  I haven't seen them used for this, as I guess they usually can count on getting their attacks out with Trojans and phished credentials.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML