Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - add mycompany.com to blacklist
  FAQ FAQ  Forum Search   Register Register  Login Login

add mycompany.com to blacklist

 Post Reply Post Reply
Author
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4065
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Topic: add mycompany.com to blacklist
    Posted: 24 August 2007 at 7:52pm
The address in the "From" email header can be different from the one in the "MAIL FROM". Legitimate emails do use different addresses. Basing some of the filters on the "From" address would cause too much valid emails to be stopped, so this request cannot be implemented, sorry.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
mbrusl View Drop Down
Groupie
Groupie
Avatar

Joined: 05 December 2005
Location: Thunder Bay Ont
Status: Offline
Points: 61
Post Options Post Options   Thanks (0) Thanks(0)   Quote mbrusl Quote  Post ReplyReply Direct Link To This Post Posted: 24 August 2007 at 3:55pm
Originally posted by Stupid Stupid wrote:

I do have SPF implemented.

Why doesn't SFI look at the From address? It would be such a nice feature I think. I get at least two questions a week about why someone would send themselves spam.


Does your SPF record in your DNS look something like below?  If it does not, then maybe that could be part of the problem.

TXT  
v=spf1 a mx a:node1.ns1.example.com a:node2.ns1.example.com a:node3.ns1.example.com a:node4.ns1.example.com mx:mail.example.com ip4:192.168.0.0/32 include:yourisp.net ~all
 
If you are on a dynamic IP that changes because of your ISP, then having the include:yourisp.net ~all  is needed to find your authorized ISP's IP that your currently using on y our network.

Michael

Back to Top
Stupid View Drop Down
Senior Member
Senior Member


Joined: 28 November 2005
Status: Offline
Points: 127
Post Options Post Options   Thanks (0) Thanks(0)   Quote Stupid Quote  Post ReplyReply Direct Link To This Post Posted: 24 August 2007 at 9:26am
I do have SPF implemented.

Why doesn't SFI look at the From address? It would be such a nice feature I think. I get at least two questions a week about why someone would send themselves spam.
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4065
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 23 August 2007 at 7:29pm
Please note that SpamFilter acts upon the "real" email address specified in the email. This is often referred to as the "Envelope" address, or the "Return-Path" address. It is the email address that is provided by the sender's server in the "MAIL FROM" SMTP command. SpamFilter logs this address in the following header:
X-SF-RX-Return-Path: <HYPERLINK "mailto:someone@test.com"someone@test.com>
 
Also note that the "From:" address displayed in most email clients can be different than the above address. This latter address is specified in the "From:" header in an email, and is only used by email clients to display any email address the sender wants.

That said, rather than a blanket "blacklisting" of your own domain, you may want to implement SPF (Sender Policy Framework - www.openspf.org) for your domain. This will allow you more flexibility as it lets you specify via DNS which IPs are authorized to send emails on your behalf. This will still allow you to receive emails sent from your own domain, but will let you specify which hosts are allowed to do so.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
Stupid View Drop Down
Senior Member
Senior Member


Joined: 28 November 2005
Status: Offline
Points: 127
Post Options Post Options   Thanks (0) Thanks(0)   Quote Stupid Quote  Post ReplyReply Direct Link To This Post Posted: 23 August 2007 at 4:04pm
*@mycompany.com thing doesn't even pass RegEx. I tried already.
Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 23 August 2007 at 3:26pm
I would suggest *@mycompany,com in the FROM Black list as I am not sure if SF wil see the actual domain it comes from or the from addresses.  I seem to have better luck with this BUT the from is being forged so this may not work either.
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
Stupid View Drop Down
Senior Member
Senior Member


Joined: 28 November 2005
Status: Offline
Points: 127
Post Options Post Options   Thanks (0) Thanks(0)   Quote Stupid Quote  Post ReplyReply Direct Link To This Post Posted: 23 August 2007 at 9:32am
I have seen quite a few spam with FROM: sehrfhas@mycompany.com to RealName@mycompany.com slip through even though I have "Reject if From Domain = To Domain" turned on.

Since my SFI is receiving only, can I add mycompany.com to the blacklist domain?
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.063 seconds.