Help with blacklisting
Posted: 07 Mar 2020 12:47
Hi everyone,
I have the following question: Is there any possibility to blacklist not the sender domain (as it is in mailwatch sql blacklist), but the smtp that sends it?
And here is why: for the last couple of days we received a lot of phishing messages from (as it seems) the servers of one (probably) hosting company:
The sender server always differs, but always resolves to: *.hostwindsdns.com. I tried adding hostwindsdns.com to the blacklist without success. The problem is that they always using different header.from.
I've google this for awhile, but it is getting really annoying, so I would like to blacklist (or reject) anything coming from *.hostwindsdns.com.
Can I modify the mailwatch sql blacklist behaviour, to do that? I already have quite a blacklist there...
Any help would be appreciated.
Thank you.
I have the following question: Is there any possibility to blacklist not the sender domain (as it is in mailwatch sql blacklist), but the smtp that sends it?
And here is why: for the last couple of days we received a lot of phishing messages from (as it seems) the servers of one (probably) hosting company:
Code: Select all
Received: from aruba.it (hwsrv-685461.hostwindsdns.com [23.254.224.199])
I've google this for awhile, but it is getting really annoying, so I would like to blacklist (or reject) anything coming from *.hostwindsdns.com.
Can I modify the mailwatch sql blacklist behaviour, to do that? I already have quite a blacklist there...
Any help would be appreciated.
Thank you.