Messaging Gateway

 View Only

  • 1.  Blocking outbound mail not my domain(s)

    Posted Oct 18, 2012 05:46 PM

    We have multiple  TLDs sending outbound mail to the internet.  We have some developers that don't understand mail / SPF / DKIM / DMARC and send mail as user@someother.domain.com instead of one of our domains.

    I think a content policy it the correct place for this.

    Lets say I have domain1.com, domain2.com.  I'd like to block any mail where the FROM is NOT one of

    user@domain1.com

    user@host.domain1.com

    user@domain2.com

    user@host.domain2.com

    Would this work?   Is there a better way (Regular expression?  Domain1 and Domain2 are very different)

    Conditions:
    Apply to : Outbound Messages
    Which of the following must be met: All

       If text in From: Address part of the message does not end with "@domain1.com"
       If text in From: Address part of the message does not end with ".domain1.com"
       If text in From: Address part of the message does not end with "@domain2.com"
       If text in From: Address part of the message does not end with ".domain2.com"

    Actions

       I'd start with add a header, then move to quarantine, and finally delete.



  • 2.  RE: Blocking outbound mail not my domain(s)

    Broadcom Employee
    Posted Oct 18, 2012 06:24 PM

    That sounds like it should work. Is this 9.5 or 10.0?



  • 3.  RE: Blocking outbound mail not my domain(s)

    Posted Oct 19, 2012 02:11 PM

    9.5, but next week it will be 10.x.  Is there a better way in v10?



  • 4.  RE: Blocking outbound mail not my domain(s)

    Broadcom Employee
    Posted Oct 19, 2012 02:20 PM

    The reason I ask is that 10 has some extra options for Content FIltering, such as stopping rule processing if that rule is triggered. This would be useful for this rule to keep it from wasting anymore resources on this message.