Hello Arnold,

Sorry, I was looking at the DNS BL tests wrong. You are wanting the test itself to run sooner.

I’m going to verify with our developers that both tests are waiting until after the RCPT command in case there are domain exceptions.

You can also create a Sieve Script for the DNS BL check using script text such as the following:

require [“securitygateway”,“reject”,“fileinto”,“envelope”];
if allof(not ip “des”) {
if not lookup “rblip” “all” {
disconnect “$RBLREASON$”; }
}

If you’d like to assistance creating the Sieve Scripts please contact our Technical Support team. You can find all of our support options at http://www.altn.com/support/.

Thanks,

Arron

Hello Arnold,

In my tests SecurityGateway was dropping connections immediately after the DNS black list check however it was waiting until after the RCPT command to drop the session if the IP was on the local black list. This is most likely so that it knows which domain the message is addressed to in case there are domain exceptions configured. I’ll check with the developers to be sure and if there isn’t a reason for waiting we can look into changing it.

In the mean time you can force BlackList IP check to happen as soon as the connection is opened by creating a custom sieve script.

For the BlackList IP script text use the following.

require [“securitygateway”,“reject”,“fileinto”,“envelope”];
if blacklisted “ip” { disconnect “Access Denied”; }

Set the Mail Event to “IP”

If you’d like to assistance creating the Sieve Script or determining what might be causing your SecurityGateway server to not immediately reject connections based on DSNBL results please contact our Technical Support team. You can find all of our support options at http://www.altn.com/support/.

Thanks,

Arron