Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 8749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

block all Linkedin e-mails / UTM9

rschmid

Hello,

my employer wants to block all e-mails from Linkedin.
Under Email Protection > SMTP > Exception I added the address pattern *@linkedin.com but e-mails are still delivered to users inbox.
How can I reliably block These Linkedin e-Mails?

Help is appreciated.

Kind regards,
Roland



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Roland, and welcome to the UTM Community!

    Show the SMTP log lines related to one such email.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hi, Roland, and welcome to the UTM Community!

    Show the SMTP log lines related to one such email.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Hi Bob,

    thank you for the welcome.
    Below I'll post UTM SMTP log:

    2016:03:23-13:45:50 proxy exim-in[14148]: 2016-03-23 13:45:50 [x.x.x.x] F=<s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com> R=<name.surename@mydomain.com> Verifying recipient address with callout

    2016:03:23-13:45:50 proxy exim-in[14148]: 2016-03-23 13:45:50 1aiiAY-0003gC-0w DKIM: d=linkedin.com s=proddkim1024 c=relaxed/relaxed a=rsa-sha256 t=1458737141 [verification succeeded]

    2016:03:23-13:45:50 proxy exim-in[14148]: 2016-03-23 13:45:50 1aiiAY-0003gC-0w <= s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com H=mail.relayhost.com [x.x.x.x]:49412 P=esmtp S=23649 id=1100978925.2097021.1458737141159.JavaMail.app@ltx1-app10628.prod.linkedin.com

    2016:03:23-13:46:00 proxy smtpd[14162]: SCANNER[14162]: 1aiiAi-0003gQ-Ay <= s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com R=1aiiAY-0003gC-0w P=INPUT S=21847

    2016:03:23-13:46:00 proxy smtpd[14162]: SCANNER[14162]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="x.x.x.x" from="s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com" to="name.surename@mydomain.com" subject="urs Mannheim, bitte bestätigen Sie Ihre E-Mail-Adresse" queueid="1aiiAi-0003gQ-Ay" size="21847"

    2016:03:23-13:46:01 proxy exim-in[14173]: 2016-03-23 13:46:01 [192.168.1.1] F=<> R=<s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com> Accepted: from relay

    2016:03:23-13:46:01 proxy exim-out[14166]: 2016-03-23 13:46:01 1aiiAi-0003gQ-Ay => name.surename@mydomain.com P=<s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com> R=static_route_hostlist T=static_smtp H=192.1.1.1 [192.168.1.1]:25 X=TLSv1:ECDHE-RSA-AES256-SHA:256 C="250 2.6.0 <1100978925.2097021.1458737141159.JavaMail.app@ltx1-app10628.prod.linkedin.com> [InternalI"

    2016:03:23-13:46:03 proxy smtpd[14162]: SCANNER[14162]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="192.168.1.1" from="" to="s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com" subject="Unzustellbar: urs Mannheim, bitte bestätigen Sie Ihre E-Mail-Adresse" queueid="1aiiAl-0003gQ-ME" size="31003"

    2016:03:23-13:46:04 proxy exim-out[14182]: 2016-03-23 13:46:04 1aiiAl-0003gQ-ME => s-2guwuoj3sjorlnj8jbrunfp8rot79pbob5u944cl0p1juq4jf01kiuzn@bounce.linkedin.com P=<> R=smarthost_route T=smarthost_smtp H=x.x.x.x [x.x.x.x]:25 X=TLSv1:DHE-RSA-AES256-SHA:256 C="250 2.0.0 Ok: queued as 399ED5A49AD"

     

    Kind regards,

    Roland

  • 0 in reply to rschmid

    Based on your logs you will also have to add @bounce.linkedin.com.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0 in reply to scorpionking

    *@linkedin.com does not include @bounce.linkedin.com ?

    Kind regards,
    Roland

Unfiltered HTML