Jump to content

Mail Security - Proper way to block domain

sos4eset
 Share

Recommended Posts

sos4eset

sos4eset 1

Posted
Posted

Using Eset Mail Security for Exchange version 4.5.x. for about 3months with great results. Now, all of a sudden some spam is making it's way through to clients.  These emails come from domains that end in .download, .eu, .trade, etc.

 

In the Antispam parameters setup for filtering, how do we properly add these domains (what is proper syntax) to the Blocked Domains section? Do we just write as download, or do we write .download, or *@*.download??  We had it as just download but that doesn't seem to work so now we are trying with he dot before the domain. See attached.

 

Thank you!

post-5107-0-40643400-1445347924_thumb.jpg

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

I'd strongly recommend upgrading to EMSX v6 as it brings several benefits:

1, ESET's antispam engine is used

2, Attachments from scanned email are checked against ESET LiveGrid which provides rapid response to new-borne threats

3, Files in archives are recognized by type so you can create different rules for exe files, document files, etc. that you may receive in archives

4, Many more improvements and fixes.

Link to comment
Share on other sites
sos4eset

sos4eset 1

Posted
  • Author
Posted

Thank you for the suggestion but it may be a little while until we can do that upgrade. Can you offer any guidance on the proper syntax for blocking domains?

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

You can enter TLDs without the period in front of them. However, we don't recommend using this setting as it led to many false positives, especially if blocked domains were listed in signatures in legitimate emails.

Link to comment
Share on other sites
sos4eset

sos4eset 1

Posted
  • Author
Posted

Ok- we will go back to that syntax, but as explained in my original post we had it that way initially so not sure why they are not being blocked;)  Thanks for replying.

 

Do you know if the new version 6.x has a different method for blocking domains?

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

I've just realized you would like to blocked domains of senders. However, the "Blocked domains" list works only for domains found in the email body (see the description in the screen shot you posted). Please send me 2-3 examples of emails in msg or eml format that slipped through EMSX.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...