Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 0 subscribers
  • Views 12443 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Email Appliance - Blocking Top Level Domains

Caninus

What is the best way to block all emails with sender addresses in unwanted country code top level domains, like blocking all emails from .cn .ru .hk etc.?

:34445


This thread was automatically locked due to age.
  • 0

    Hi Caninus,

    I'm afraid you can't block a top level domain at the moment.  You can only block individual domains.

    What you could do is use a regular expression to evaluate the 'From' header.  This is done in 'Configuration > Policy > Additional Policy' using a 'Message attributes' rule type.

    But obviously bear in mind that the 'From' header can be spoofed and isn't necessarily the same as the envelope sender.

    If you're having problems with Spam I'd suggest the first step is to submit samples and call our support guys:

    http://www.sophos.com/en-us/support/knowledgebase/23113.aspx

    Hope this helps,
    Tom.

    :34559
  • 0

    The policy rule approach does not seem to work but that could be because I am not writing the regular expression correctly.

    Blocking connections or redirecting messages from top level domain country codes would be extremely useful in cutting down spam for organizations that do not do business outside of their own country or region. Sophos should look into adding this feature.

    :34705
  • 0

    It looks like rules like Header matches regular expression: 'From: \.in\b' do work for blocking ccTLDs.

    :34717
Unfiltered HTML