Jump to content

Mail Security - Proper way to block domain


Recommended Posts

Using Eset Mail Security for Exchange version 4.5.x. for about 3months with great results. Now, all of a sudden some spam is making it's way through to clients.  These emails come from domains that end in .download, .eu, .trade, etc.

 

In the Antispam parameters setup for filtering, how do we properly add these domains (what is proper syntax) to the Blocked Domains section? Do we just write as download, or do we write .download, or *@*.download??  We had it as just download but that doesn't seem to work so now we are trying with he dot before the domain. See attached.

 

Thank you!

post-5107-0-40643400-1445347924_thumb.jpg

Link to comment
Share on other sites

  • Administrators

I'd strongly recommend upgrading to EMSX v6 as it brings several benefits:

1, ESET's antispam engine is used

2, Attachments from scanned email are checked against ESET LiveGrid which provides rapid response to new-borne threats

3, Files in archives are recognized by type so you can create different rules for exe files, document files, etc. that you may receive in archives

4, Many more improvements and fixes.

Link to comment
Share on other sites

Thank you for the suggestion but it may be a little while until we can do that upgrade. Can you offer any guidance on the proper syntax for blocking domains?

Link to comment
Share on other sites

  • Administrators

You can enter TLDs without the period in front of them. However, we don't recommend using this setting as it led to many false positives, especially if blocked domains were listed in signatures in legitimate emails.

Link to comment
Share on other sites

Ok- we will go back to that syntax, but as explained in my original post we had it that way initially so not sure why they are not being blocked;)  Thanks for replying.

 

Do you know if the new version 6.x has a different method for blocking domains?

Link to comment
Share on other sites

  • Administrators

I've just realized you would like to blocked domains of senders. However, the "Blocked domains" list works only for domains found in the email body (see the description in the screen shot you posted). Please send me 2-3 examples of emails in msg or eml format that slipped through EMSX.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...