Jump to content

ESET Mail Security on Exchange 2004 Not blocking Failed RDNS spam


Recommended Posts

Spam emails getting through with this headers:Received: from [171.234.173.26] ([171.234.173.26] RDNS failed) by mx.mail........com with Microsoft SMTPSVC(6.0.3790.4675);

I can't find a setting on Eset Mail Security / Antispam engine setup, or any other place, to deny path to failed reverse-dns domains.

 

Does it exist within this product? Or is it part of the mail server?

Link to comment
Share on other sites

  • 2 weeks later...
  • ESET Staff

hi ivanp74,

which version of EMSX do you use?

If you use 6.3+ then you can create a transport rule (Advanced setup/Server/Rules)
condition: Message headers contain "RDNS failed"
action: quarantine/drop/reject

If you use 6.4 then you can enable SPF

Link to comment
Share on other sites

  • 5 weeks later...

Awesome!

 

Upgraded.

 

SPF enabled didn't stop Failed RDNS emails.

I had to add a rule under Rules / Mail Transport Protection

It works as expected now.

 

Thanks a lot!

Edited by ivanp74
Link to comment
Share on other sites

I'm starting to think blocking Failed RDNS is not such a good idea

 

"..from NAM02-BL2-obe.outbound.protection.outlook.com ([104.47.38.42] RDNS failed) by..."

 

 

RDNS is failing in from those server and a few more legit senders.  

 

I was hoping to trap the spammers, but the net is too wide, need something smaller.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...