Issue Server-wide email blacklist not working correctly

[dieselpower44]

I've added several entries to Tools & Settings -> Mail Server Settings -> Black list, but I am still receiving mail from some of these domains.

I know that mail "from" header can be spoofed but my understanding was that this black list tool did not care about authenticity and should block mail if the domain is found in the black list, which is what I want.

Anyone able to help with this?

I know I can find the IP of the server and block that but it would be preferable to block the domain in case they change servers or have multiple.

Thanks

 

[dieselpower44]

Google seems to use their own “special” methods of blocking as I have seen them accept mail that fails common standards but filters others.
What happens if you email a Gmail account you control? I tend to email my personal account to verify delivery. It is always possible that users have marked past emails as spam or setup filters that are now impacting your messages.

Wait, I'm confused. Have I misunderstood Plesk's mail blacklist function? I thought it was to block *incoming* mail not outgoing mail. Are you suggesting it's only for blocking outgoing mail *to* the specified domains?

 

[Kaspar]

@dieselpower44, no, you are correct in assuming the mail server Blacklist in Plesk is only used for incoming mail. User TBane is talking rubbish.

I am not exactly sure about the inner workings of the blacklist. However I've also noticed some mails still coming trough using From address which domains I have added to the blacklist. I haven't investigated this thoroughly, but I believe this happens when the domain in the Return-Path header of an email is different from the From header. (There might be other scenarios as well).

 

[dieselpower44]

@dieselpower44, no, you are correct at assuming the mail server Blacklist in Plesk is only used for incoming mail. User TBane is talking rubbish.

I am not exactly sure about the inner workings of the blacklist. However I've also noticed some mails still coming trough using From address which domains I have added to the blacklist. I haven't investigated this thoroughly, but I believe this happens when the domain in the Return-Path header of an email is different from the From header. (There might be other scenarios as well).

I think you’re absolutely right. A couple of days ago I examined the headers in one of the mails that was still getting through and noticed a different domain in the Return-Path. I blocked that domain too and *touch wood* I haven’t had any from them since. Think you’ve cracked it - although it really shouldn’t be like that. It should be blocking Mail using the From header, as users expect.

It’s also problematic because sometimes (as in the case I mentioned above) the Return-Path is from a domain that is a service that many companies use so by blocking that domain, you’ve then also potentially blocked mail from non-spammy senders.

It would be great to get input from a Plesk dev here on this. Is there a way to ping them?

 

[Kaspar]

Thats good to hear, I wasn't sure if it was actually the Return-Path header. It's been a while since I've investigated this issue. Thanks for confirming.

It’s also problematic because sometimes (as in the case I mentioned above) the Return-Path is from a domain that is a service that many companies use so by blocking that domain, you’ve then also potentially blocked mail from non-spammy senders.

It would be great to get input from a Plesk dev here on this. Is there a way to ping them?

My suggestion would be to submit a bug report.