All Email Security Gateways, firmware versions 3.5.12 and above.
When the Email Security Gateway receives a connection, it does a reverse DNS lookup using the IP address of the sender to find the hostname associated with it. The last part of a hostname is known as the top-level domain, or TLD. Most TLDs outside of the United States include a country identifier, such as .ca for Canada, .ru for Russia, and so on. If most or all of the mail that you receive from a given country is spam, you may choose to tag, block or quarantine any message that has an associated hostname that includes that country's TLD. Email which is not blocked is subject to all of the usual spam and virus checks.
To block, quarantine or tag messages from one or more specific countries:
- Navigate to the Block/Accept > Reverse DNS page of the Email Security Gateway's web interface.
- For each country in the table, select the option that matches what you want to do with any email sent by a hostname that includes that country's identifier (Block, Tag, etc.).
- Click Save Changes.
In addition to the common country TLDs already supplied on the Block/Accept > Reverse DNS page, you can specify your own by following these steps:
- At the bottom of the Block/Accept > Reverse DNS page (under the Custom Reverse DNS rules heading), enter a Value that matches the end of the hostnames that you want to tag, block or quarantine. To block all mail from Japanese domains, for example, you would enter the country identifier for Japan, .jp. You can also block more than just TLDs - if you enter a domain like example.com, the Email Security Gateway will block any message that has an associated hostname that ends with that domain name, including example.com, goodexample.com, and good.example.com.
- Select the option that matches what you want to do with any email sent by a hostname that ends with this Value, either Block, Quarantine, or Tag.
- Click Add.