Block Inbound Mail (SMTP connections) by Country?
Idea shared by Jay Dubb - 12/25/2025 at 7:35 PM
Proposed
We already can block authentication to the server by country.  I propose a similar feature for inbound SMTP connections, to block based on originating country.  Yes, I know geolocation databases can and do have errors, but generally speaking they would be good enough for many regions of the world we'd like to block.  Give us the same options as with authentication filtering-- let us choose to "block these" or "block all except".  Both options are useful depending on circumstance.

Currently, we use HE's BGP looking glass to view source IPs that hit our honeypot mailboxes and base our blocking decisions on the provider that holds those blocks AND/OR the country of origin.  We've found the vast majority of our Spam/Scam/Phish captures come from a relatively short list of countries.  And we know Smartermail already has geo-lookup capability built in, because when we Blacklist a network, the Country field auto-populates.

PLEASE UP-VOTE if you agree.
 

The downside of this is that SM's geo-ip databases are hard coded into the installation and cannot be updated directly.  

The only way to update them is to upgrade the entire mail server - which as we all know can be hit or miss...
MailEnable survivor / convert --
I have a firewall which does country blocking. I started with few restrictions, because it is hard to predict which worldwide data center will be used for a wanted message.

Recently, I have been locking down tighter and tighter. When I got an attack, for example, from Malawi, it was easier to block the country than to figure out whether an abuse report to the infrastructure provider would be effective.

I do file abuse reports almost every day. Better to de-platform the bad guys than to merely block them.
We implement a similar solution based on IDS block events and blacklists. Whenever an IP is flagged by the IDS, we analyze the source of the block. Since attacks and sniffing attempts typically originate from a limited number of countries, we blacklist entire IP blocks from those countries. In some cases, we also blacklist all IP ranges announced by the corresponding ISP or hosting provider. This solution is already in place and operates using a blacklist-based approach, where you can block by protocol
@Sérgio Rocha - we have been doing the same thing manually.  We are careful not to over-target blocks of IPs from domestic providers, but for certain countries that are known to be problematic we'll blacklist entire /16's or even larger.  We've even blocked entire /8's from regions well-known to be hostile.  That heavy-handed approach isn't for everyone, but it works well for us.  It would be a huge win to tell Smartermail to block all inbound SMTP from (list of countries) which would cut most of the spam.  The rest would be fine-tuned manually at a more focused, narrow level.
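
The manual approach described in the last two replies (roll flagged source IPs up into larger blocks while not over-targeting domestic providers), sketched as an added example that is not code from any poster or from SmarterMail. The function name, the thresholds and all sample addresses are constructed assumptions; it does no country lookup and only groups IPv4 hits by covering prefix.

```python
import ipaddress
from collections import Counter

def propose_blocks(hit_ips, protected_nets, prefix_len=16, min_hits=3):
    """Group flagged IPv4 sources by covering /prefix_len network.

    Returns (proposals, skipped): networks with at least min_hits hits,
    split by whether they overlap a protected range (for example a
    domestic provider that should only be blocked at a narrower level).
    """
    protected = [ipaddress.ip_network(n) for n in protected_nets]
    counts = Counter()
    for raw in hit_ips:
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            continue  # malformed log entry, ignore
        if addr.version != 4:
            continue  # this sketch handles IPv4 only
        # strict=False masks off the host bits to get the covering network
        net = ipaddress.ip_network(f"{addr}/{prefix_len}", strict=False)
        counts[net] += 1

    proposals, skipped = [], []
    for net, hits in counts.most_common():
        if hits < min_hits:
            continue
        if any(net.overlaps(p) for p in protected):
            skipped.append(str(net))    # needs a narrower, manual rule
        else:
            proposals.append(str(net))  # candidate for a wide block
    return proposals, skipped

# Constructed sample data (documentation address ranges, not real captures)
HITS = ["198.51.100.7", "198.51.100.22", "198.51.7.9",
        "203.0.113.5", "203.0.113.9", "203.0.113.77",
        "192.0.2.10", "not-an-ip"]
PROTECTED = ["203.0.113.0/24"]  # constructed stand-in for a domestic provider

if __name__ == "__main__":
    wide, manual = propose_blocks(HITS, PROTECTED)
    print("block candidates:", wide)
    print("review manually: ", manual)
```

Every proposed block should still be reviewed before it is applied, since a /16 or larger covers far more addresses than the handful that triggered it.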
 
