We use McAfee's SaaS Email Protection as a anti-spam gateway. Our MX records are properly set up so all mail to the domain goes through the gateway. However, we have found that some spammers are able to bypass the service entirely by sending mail directly to the IP address instead of the MX record.
McAfee says this:
Prevent attackers from bypassing the SaaS Email Protection by configuring your email server or firewall to only allow SMTP connections from the IP space used by the service.
Here are the IPs in various notation types. If you provide these to your e-mail provider, they should be able to lock down your e-mail connection to only accept inbound mail from McAfee EPS and prevent this type of message from reaching your firm in the future.
I have the IP list from McAffee in CIDR/21 and CIDR/24 formats as well as individual IP addresses. I manage the email server myself, but not sure where or how to enable this. Perhaps in /usr/etc/access ?
I do not believe the configuration is specific to FreeBSD platform, probably any Linux or other server running Sendmail.
Looking for some instructions on exactly how to configure this. Thanks in advance!