Solved

Blocking email from certain countries on Windows 2003

Posted on 2008-06-23
6
581 Views
Last Modified: 2008-07-08
I am using CA eTrust Secure Content Manager to filter spam coming in to our network. We notice that a lot of the spam is coming from Korea, Russia and China, and as we do not deal with anyone from these countries, we want to block all connections from these countries. Is there any way to do this on a Windows 2003 server? Either within Secure Content Manger (i.e Blocking public address ranges - which I can seem to find any databases of public IP address ranges for countries) or as a free SMTP relay application that performs a IP to Location check with option to block certain countries?
0
Comment
Question by:Accdat
6 Comments
 
LVL 7

Accepted Solution

by:
Christopher Martinez earned 500 total points
ID: 21851231
Sure....open up Exchange system manager (SM), goto the Global SEttings, and right click on Message Delivery and select properties.
In the connection filter tab click add
In the connection filter rule enter: Display name: TQMCube_countries            
DNS Suffix of provider: world.tqmcube.com
* Click return status code and it will bring up a code looking for ip list...the follow website has the numbers to enter for the country you wish to block (i.e. 127.0.0.193 for russia)  
http://www.tqmcube.com/worldzone.php
ok out of everything now and ignore the error message.
Goto administrative groups inj the ESM than goto your particular admin group, servers, your server, protocols, SMTP and right click on deftault SMTP Virtual server and goto properties.
In the general tab goto advanced Button.
Click Edit
In the ID page enter a check in connection filter and OK out of it all.
You will need to repeat the * step for every country you wish to put in.

Hope this helps and some of this is from memory so will try to clean it up if this doesnt work :)

0
 

Author Comment

by:Accdat
ID: 21851463
Bahpoopie,

Thanks for the information, however, I need to do this filtering before the mail hits my spam filter - otherwise the mail will be quarantined which is what we are trying to avoid - having to scan through hundreds of spam email per day from countries we don't want to receive emails from.

At the moment, eTrust SCM is listening on port 25, filters the email and then forwards it on to Exchange listening on port 2525. Is there anyway I can setup a seperate SMTP relay in Exchange to peform this filter first, then pass the mail on to eTrust SCM and the back to the SMTP Virtual Server in Exchange?

Or is there some other way?
0
 
LVL 4

Expert Comment

by:BGTSLLC
ID: 21852022
Buy Securence and run everything though that first.  Feel free to contact me.

http://www.securence.com/
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 7

Expert Comment

by:Christopher Martinez
ID: 21857431
Well...hrm....try to create a second virtual SMTP with all the rules i set above
goto the exchange manager and right click on default SMTP virtual server and goto properties
On the general tab set the virtual server to listen on the IP address for the second server
On the delivery tab goto advanced
Configure the virtual server to use a smart host to forward all mail through the outbound smtp virtual server
Than configure the second virtual smtp to accept a relay only from the primary IP address that the default smtp server uses.
In practice ive made this work but i never had the eTrust SCM thing thrown in the mix, so i apologize for generalizations. ive heard really good things about this company too to avoid the headache of that overhead http://www.gfi.com/
0
 

Author Comment

by:Accdat
ID: 21861207
Bahpoopie,

I'm waiting on a call from CA regarding SCM and it's ability to block based on these presedence. If that doesn't work, I'll try configuring a new SMTP Virtual Server will all the rules you've mentioned and let you know the outcome.

Thanks for your contribution!

Accdat
0
 

Expert Comment

by:Finikito
ID: 24495935
I found the list with all the country codes here: http://archives.neohapsis.com/archives/postfix/2006-08/0130.html
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question