ivanp74 0 Posted September 29, 2016 Share Posted September 29, 2016 Spam emails getting through with this headers:Received: from [171.234.173.26] ([171.234.173.26] RDNS failed) by mx.mail........com with Microsoft SMTPSVC(6.0.3790.4675); I can't find a setting on Eset Mail Security / Antispam engine setup, or any other place, to deny path to failed reverse-dns domains. Does it exist within this product? Or is it part of the mail server? Link to comment Share on other sites More sharing options...
ESET Staff filips 44 Posted October 11, 2016 ESET Staff Share Posted October 11, 2016 hi ivanp74,which version of EMSX do you use?If you use 6.3+ then you can create a transport rule (Advanced setup/Server/Rules)condition: Message headers contain "RDNS failed"action: quarantine/drop/rejectIf you use 6.4 then you can enable SPF Link to comment Share on other sites More sharing options...
ivanp74 0 Posted November 10, 2016 Author Share Posted November 10, 2016 ESET Mail Security Version 4.5 for old Exchange Server I don't see an option to add rules for headers...just message body. Link to comment Share on other sites More sharing options...
ESET Staff filips 44 Posted November 11, 2016 ESET Staff Share Posted November 11, 2016 Version 4.5 of EMSX didn't support message headers rule.BTW. EMSX 6.4 runs on Exchange 2003 or newer Link to comment Share on other sites More sharing options...
ivanp74 0 Posted November 11, 2016 Author Share Posted November 11, 2016 (edited) Awesome! Upgraded. SPF enabled didn't stop Failed RDNS emails. I had to add a rule under Rules / Mail Transport Protection It works as expected now. Thanks a lot! Edited November 14, 2016 by ivanp74 Link to comment Share on other sites More sharing options...
ivanp74 0 Posted November 14, 2016 Author Share Posted November 14, 2016 I'm starting to think blocking Failed RDNS is not such a good idea "..from NAM02-BL2-obe.outbound.protection.outlook.com ([104.47.38.42] RDNS failed) by..." RDNS is failing in from those server and a few more legit senders. I was hoping to trap the spammers, but the net is too wide, need something smaller. Link to comment Share on other sites More sharing options...
Recommended Posts