Facebook
Twitter
R
Rick
Guest
What is the point of having a "block domains" feature if it don't work?
We have two Plesk machines and both of them pass mail that has been added to the blocked domains list.
First of all... the whole concept of blocking domains by domain name is almost useless. Most of the bad stuff coming in has a forged header anyway so more often than not, blocking a domain is not going to be effective. This should be entered by IP/subnet (just like the whitelist is) ... so why isn't it?
I usually end up using iptables to block habitual mail offenders just for that reason but I would much rather not have to add rules to an already too long list. It would be nice if the blocked domains feature worked and used an effective method (IP/subnet).
Secondly, even on email without forged headers, this feature simply does not work. I have tried to use it on both of our servers to block mail that does not come in with forged headers and it still passes the stuff.
For instance, mail with the following header...
X-Persona: <xxx - xxx.com>
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 6505 invoked from network); 6 Apr 2005 18:20:52 -0000
Received: from hera678.hotmatchup.com (207.44.172.90)
by xxx.com with SMTP; 6 Apr 2005 18:20:52 -0000
From: Spotlight <[email protected]>
To: [email protected]
Should easily be blocked by putting hotmatchup.com in the blocked domains list... right? Wrong! It still passes right on through so I have to look it up and block the whole subnet with iptables rules.
There are a lot of things I like about Plesk but time and time again I find features that simply don't work and it irritates me to no end.
If I am doing something wrong then please enlighten me but this is just one example of many I have tried on multiple servers.
Rick
We have two Plesk machines and both of them pass mail that has been added to the blocked domains list.
First of all... the whole concept of blocking domains by domain name is almost useless. Most of the bad stuff coming in has a forged header anyway so more often than not, blocking a domain is not going to be effective. This should be entered by IP/subnet (just like the whitelist is) ... so why isn't it?
I usually end up using iptables to block habitual mail offenders just for that reason but I would much rather not have to add rules to an already too long list. It would be nice if the blocked domains feature worked and used an effective method (IP/subnet).
Secondly, even on email without forged headers, this feature simply does not work. I have tried to use it on both of our servers to block mail that does not come in with forged headers and it still passes the stuff.
For instance, mail with the following header...
X-Persona: <xxx - xxx.com>
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 6505 invoked from network); 6 Apr 2005 18:20:52 -0000
Received: from hera678.hotmatchup.com (207.44.172.90)
by xxx.com with SMTP; 6 Apr 2005 18:20:52 -0000
From: Spotlight <[email protected]>
To: [email protected]
Should easily be blocked by putting hotmatchup.com in the blocked domains list... right? Wrong! It still passes right on through so I have to look it up and block the whole subnet with iptables rules.
There are a lot of things I like about Plesk but time and time again I find features that simply don't work and it irritates me to no end.
If I am doing something wrong then please enlighten me but this is just one example of many I have tried on multiple servers.
Rick
