6.1 ORF Online Help
Select your ORF version:

Table of Contents

Sender Blacklist


The Sender Blacklist allows you blacklist emails from specific senders or domains.

The list is available under BlacklistsSender blacklist in the left navigation pane.

Enabling or Disabling the Sender Blacklist

You can enable or disable the Sender Blacklist test by clicking the ON / OFF button on top of the BlacklistsSender Blacklists page, or on the FilteringTests page.

Using the Sender Blacklist

Sender Blacklist modes

Select the "Blacklist only the list below" option if you want to blacklist emails only from those senders that are present on the list. If you want to blacklist every emails, except from those senders that are on the sender blacklist, select "Blacklist all addresses, except the list below".

Adding, modifying and deleting addresses

Click the New button to add an email address or email address expression to the list. To modify an existing email address expression, click Modify or hit Enter. Email address expressions can be deleted using the Delete button or the Delete key.

Sorting the Sender Blacklist

Click the column header of any column by which you wish to sort the Sender Blacklist. To reverse sorting, click the column header again.

Exporting and importing the Sender Blacklist

Right-click on the list and select "Import list..." or "Export list...". Alternatively, you can do this from the menu, select FileImportSender blacklist... or FileExportSender blacklist....

Blacklist Senders with Broken Sender Domain (FQDN test)

RFC standards require fully qualified domain name in the sender email addresses on SMTP transport level (otherwise no reply could be sent). Tick this checkbox to blacklist emails from senders who do not satisfy this criteria.

Notes

Before and On Arrival actions

When an email is blacklisted by the sender blacklist, the action performed depends on the filtering point. Before Arrival, the email is rejected with an SMTP response indicating a protocol error. The On Arrival filtering point provides a wider range of options; depending on your configuration, the email may be rejected, get tagged (either the header or the subject) or redirected to a specific mailbox.

SMTP responses

Email blacklisted by the sender blacklist at the Before Arrival filtering point get rejected with an SMTP response indicating a protocol error. Edit the SMTP response for the recipient blacklist on the FilteringActions page (click Edit under Before Arrival). The related SMTP responses are: "Sender blacklist (Hit)" and "Sender blacklist (No FQDN)". The latter is for emails rejected because of broken domain information (see the Blacklist Senders with Broken Sender Domain (FQDN Test) option above).

Email servers generate a bounce report (NDR) if they cannot deliver the email to the recipient due to a protocol error. Most email servers include the SMTP response of the recipient email server in the report, so you can customize the information received by the sender by editing the SMTP response.

Envelope addresses

ORF works with the SMTP envelope sender address submitted during SMTP transport, while email clients like Microsoft® Outlook® show the MIME sender address only stored in the email header (the SMTP address are not stored in the email anywhere), so make sure you are blacklisting the right email address.

The SMTP envelope and MIME envelope information matches in most cases, but spammers often use different SMTP and MIME information to confuse the recipient. It is absolutely legal to use different SMTP and MIME address information. The Bcc: addressing, mailing lists, CRM software and other systems with automatic bounce-handling also often take advantage of this. For example, Yahoo mailing lists handle bounces automatically and their notifications are sent with SMTP envelope email addresses like [email protected] – the email client reports however that the email was sent by [email protected].

If you wish to blacklist the MIME sender address displayed in the email client instead of the SMTP sender address, you could do so by adding a regular expression with Email header (raw MIME) scope to the Keyword Blacklist. For example, the email address [email protected] can be blacklisted by using the following regular expression:

.*^From:[^\r\n]*\busername@somedomain\.tld\b[^\r\n]*\s$

Note that the "." (dot) character should be escaped by adding a preceding "\" (backslash).

Copyright © Vamsoft Ltd. 2024. All rights reserved. Document ID adm-senderblacklist, version 1.