DNS Blacklist not checking all stations

darestep
Posts: 2
Joined: Tue Apr 25, 2017 11:13 am

Post by darestep » Tue Apr 25, 2017 1:45 pm

MailEnable Professional 8.60

We have a primary mail server (MailEnable Professional) and a fallback/secondary mail server (MailEnable Standard). The fallback smart-hosts received emails to the primary server. The primary server hasn't whitelisted the fallback, and has the out-of-the-box anti-spam features enabled and configured.

We are facing a lot of SPAM that is purposely delivered to the fallback, and then smart hosted to our primary server. Due to that smart host action, two Received headers are applicable: the first is our own fallback, the second is the source when the email entered the internet. See two examples below.

Example 1

Received: from mail2.myowndomain.com ([22.22.22.x]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 15:07:07
Received: from [194.225.232.45] ([194.225.232.140]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 15:07:23
Received: (from apache@localhost) by odysseyexpeditions.com (8.14.7/8.14.7/Submit) id


Example 2

Received: from mail2.myowndomain.com ([22.22.22.x]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 13:31:02
Received: from [42.114.33.200] ([42.114.33.200]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 13:31:16
Message-ID: <82C55AE34C1D7CF5B22D943B6A0B82C5@formosalogistics.com>
From: <sinairfreight@formosalogistics.com>
To:


It seems like the DNS Blacklisting feature is only challenging the blacklist with the first IP-address, in our case that of our own fallback mail server. That fallback is not on the blacklist so the email is accepted. But if you check the second (source / origin) IP address against the blacklist, you'll find that that IP is listed.

I suspect this is a bug, because I would expect that all public IP-addresses that are forming the path of an SMTP transaction need to be challenged against the DNS blacklist. Or at least conditionally based on a setting or something.

In case this isn't a feature, and that only the first received header IP is being blacklist challenged, what are my options to counter this spam that flows in via the fallback? And yes, I'm aware that the fallback should counter this spam in the first place :?

Admin
Site Admin
Posts: 774
Joined: Mon Jun 10, 2002 6:31 pm
Location: Melbourne, Victoria, Australia

Re: DNS Blacklist not checking all stations

Post by Admin » Tue May 02, 2017 12:40 am

Only the connecting IP address is checked against the DNS blacklist, before the email is accepted. Maybe the mxscan plugin does this, or enable blacklisting on the backup server.
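
An added example, not part of the thread and not MailEnable code: a content-stage check in Python that walks the Received headers written by your own servers, skips the fallback relay, and builds the DNSBL query for the first outside peer. The host names, addresses, the zone `dnsbl.example` and the `fake_resolver` stand-in are constructed assumptions, and only IPv4 peers are handled.

```python
import ipaddress
import re
import socket

# Peer address as recorded by the receiving server: "from helo ([1.2.3.4]) by host"
PEER_RE = re.compile(r"^Received:\s+from\s+\S+\s+\(\[([0-9.]+)\]\)\s+by\s+(\S+)", re.I)

def first_untrusted_hop(headers, trusted_relays, own_hosts):
    """Return the first peer IP (top-down) that is not one of our relays.
    Stops at the first header not written by our hosts: the rest is forgeable."""
    trusted = {ipaddress.ip_address(a) for a in trusted_relays}
    for line in headers:
        m = PEER_RE.match(line)
        if not m or m.group(2).lower() not in own_hosts:
            return None
        try:
            peer = ipaddress.ip_address(m.group(1))
        except ValueError:
            return None
        if peer not in trusted:
            return peer
    return None

def dnsbl_name(ip, zone):
    """DNSBL query name: reversed IPv4 octets followed by the zone."""
    return ".".join(reversed(str(ip).split("."))) + "." + zone

def is_listed(ip, zone, resolve=socket.gethostbyname):
    """An A record answer means listed; a failed lookup means not listed."""
    try:
        resolve(dnsbl_name(ip, zone))
        return True
    except OSError:
        return False

# Constructed sample (documentation address ranges, not the thread's headers).
SAMPLE = [
    "Received: from mail2.example.org ([192.0.2.10]) by example.org with MailEnable ESMTP; Tue, 25 Apr 2017 15:07:07",
    "Received: from [203.0.113.45] ([203.0.113.140]) by example.org with MailEnable ESMTP; Tue, 25 Apr 2017 15:07:23",
    "Received: (from apache@localhost) by forged.example (8.14.7/8.14.7/Submit) id x",
]

def fake_resolver(name):  # offline stand-in for DNS; the listing is constructed
    if name == "140.113.0.203.dnsbl.example":
        return "127.0.0.2"
    raise socket.gaierror("NXDOMAIN")

if __name__ == "__main__":
    print(first_untrusted_hop(SAMPLE, ["192.0.2.10"], {"example.org"}))
```

The second sample header carries a HELO address that differs from the peer address in parentheses, as in Example 1 of the thread; the check uses the parenthesised one because the receiving server recorded it.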
