1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Blocking mail domains don't work

Discussion in 'Plesk for Linux - 8.x and Older' started by Rick, Apr 6, 2005.

  1. Rick

    Rick Guest

    What is the point of having a "block domains" feature if it don't work?

    We have two Plesk machines and both of them pass mail that has been added to the blocked domains list.

    First of all... the whole concept of blocking domains by domain name is almost useless. Most of the bad stuff coming in has a forged header anyway so more often than not, blocking a domain is not going to be effective. This should be entered by IP/subnet (just like the whitelist is) ... so why isn't it?

    I usually end up using iptables to block habitual mail offenders just for that reason but I would much rather not have to add rules to an already too long list. It would be nice if the blocked domains feature worked and used an effective method (IP/subnet).

    Secondly, even on email without forged headers, this feature simply does not work. I have tried to use it on both of our servers to block mail that does not come in with forged headers and it still passes the stuff.

    For instance, mail with the following header...

    X-Persona: <xxx - xxx.com>
    Return-Path: <info@HERA678.hotmatchup.COM>
    Delivered-To: xxx@xxx.com
    Received: (qmail 6505 invoked from network); 6 Apr 2005 18:20:52 -0000
    Received: from hera678.hotmatchup.com (
    by xxx.com with SMTP; 6 Apr 2005 18:20:52 -0000
    From: Spotlight <Spotlight@HotMatchup.com>
    To: xxx@xxx.com

    Should easily be blocked by putting hotmatchup.com in the blocked domains list... right? Wrong! It still passes right on through so I have to look it up and block the whole subnet with iptables rules.

    There are a lot of things I like about Plesk but time and time again I find features that simply don't work and it irritates me to no end.

    If I am doing something wrong then please enlighten me but this is just one example of many I have tried on multiple servers.