6.2 ORF Online Help
Select your ORF version:

Table of Contents

Sender Blacklist


The Sender Blacklist allows you blacklist emails from specific senders or domains.

The list is available under BlacklistsSender blacklist in the left navigation pane.

Enabling or Disabling the Sender Blacklist

You can enable or disable the Sender Blacklist test by clicking the ON / OFF button on top of the BlacklistsSender Blacklists page, or on the FilteringTests page.

Using the Sender Blacklist

Sender Blacklist modes

Select the "Blacklist only the list below" option if you want to blacklist emails only from those senders that are present on the list. If you want to blacklist every emails, except from those senders that are on the sender blacklist, select "Blacklist all addresses, except the list below".

Adding, modifying and deleting addresses

Click the New button to add an email address or email address expression to the list. To modify an existing email address expression, click Modify or hit Enter. Email address expressions can be deleted using the Delete button or the Delete key.

Sorting the Sender Blacklist

Click the column header of any column by which you wish to sort the Sender Blacklist. To reverse sorting, click the column header again.

Exporting and importing the Sender Blacklist

Right-click on the list and select "Import list..." or "Export list...". Alternatively, you can do this from the menu, select FileImportSender blacklist... or FileExportSender blacklist....

Searching expressions in logs

Right-click on the list item or items and select "Search in logs..." to find log records that match the defined expression. Logs need to be loaded in the Log Viewer beforehand.

Blacklist Senders with Broken Sender Domain (FQDN test)

RFC standards require fully qualified domain name in the sender email addresses on SMTP transport level (otherwise no reply could be sent). Tick this checkbox to blacklist emails from senders who do not satisfy this criteria.

Notes

Envelope addresses

ORF works with the SMTP envelope sender address submitted during SMTP transport, while email clients like Microsoft® Outlook® show the MIME sender address only stored in the email header (the SMTP address are not stored in the email anywhere), so make sure you are blacklisting the right email address.

The SMTP envelope and MIME envelope information matches in most cases, but spammers often use different SMTP and MIME information to confuse the recipient. It is absolutely legal to use different SMTP and MIME address information. The Bcc: addressing, mailing lists, CRM software and other systems with automatic bounce-handling also often take advantage of this. For example, Yahoo mailing lists handle bounces automatically and their notifications are sent with SMTP envelope email addresses like [email protected] – the email client reports however that the email was sent by [email protected].

If you wish to blacklist the MIME sender address displayed in the email client instead of the SMTP sender address, you could do so by adding a regular expression with Email header (raw MIME) scope to the Keyword Blacklist. For example, the email address [email protected] can be blacklisted by using the following regular expression:

.*^From:[^\r\n]*\[email protected]\.tld\b[^\r\n]*\s$

Note that the "." (dot) character should be escaped by adding a preceding "\" (backslash).

Copyright © Vamsoft Kft. All rights reserved. Document ID adm-senderblacklist, version 2.