blocklist.conf - MTA-level IP Blocker configuration options
This file is mainly intended for enabling and disabling additional tests run by the MTA-level IP Blocker.
The other settings described below should only be changed as directed by Sophos Technical Support.
You can turn on MTA IP blocking via the Local Services tab of the PureMessage Manager or with the pmx-blocklist command.
Important: Whether you choose to block IP addresses by enabling MTA-level IP blocking or by using the PureMessage policy, PureMessage requires that the IP Blocker Service be enabled. This service is enabled by default. If you opt to block IP addresses using only the PureMessage policy, enabling the <code>block_dynamic</code> option described below will cause the additional tests to occur earlier in policy processing, thus improving efficiency.
The results of each connection handled by the Blocker are stored in
localhostwith the IP address of the IP Blocker machine. It is not recommended that you adjust this setting. Contact Sophos Technical Support before making any changes.
Default: 1 minute
block_dynamic option makes it possible to block spam from hosts that have
not yet established a reputation, but are very likely to be sending spam.
block_dynamicoption must also be set to ``Yes'' in order for this option to take effect. This option is available to Postfix users only.
Your message has been rejected because it is spam. http://www.example.com/%%IP%%
IP - Matched data from SophosLabs.
DYN - Matched dynamic sender data from SophosLabs.
HELO - The HELO string of the connecting mail transfer agent is suspicious.
CUSTIP - Matched an IP or hostname in the IP Blocking Inclusion list.
CUSTRDNS - A glob match has been specified in the IP Blocking Inclusion list.
DYNR - Matched a regular expression for RDNS mail senders.
If you are directing rejected senders to a site other than Sophos via a custom URL, the senders can, optionally, be redirected to a different page, depending on the type of block that occurred. For example:
Your message has been rejected because your internet service provider does not permit you to send mail. http://www.example.com/%%TYPE%%
See also pmx-blocklist
Copyright (C) 2000-2008 Sophos Group. All rights reserved. Sophos and PureMessage are trademarks of Sophos Plc and Sophos Group.