Jump to content


Forcing Deferred e-mails to be blocked by Firewall not Antispam

Deferred messages firewall

  • Please log in to reply
No replies to this topic

#1 opjose

  • Members
  • 253 posts
  • LocationWashington D.C. Area

Posted 08 August 2018 - 01:15 PM

We have both Barracuda Firewalls and Anti-spam systems.


It would be REALLY nice if the anti-spam system could talk to the firewall and tell it when it sees incoming deferred messages that exceed a threshold.


A firewall rule should have the originating IP blocked.


Often e-mail authentication is used to verify password hack attempts.


I frequently manually block IP's subnets on my firewalls that I see originating thousands of deferred bogus authentication attempts.


My threshold is in the thousands to catch only those with malicious intent.


I block ALL firewall traffic from those IP's.


The systems could do this automatically.


This interaction creates a "feature" requiring both systems be from Barracuda... more sales?


BTW: Since I even have authenticated relaying turned off, the anti-spam system is acting as a "honeypot" catching hack attempts on our network(s).

Blocking the originating IP range makes our systems "disappear" to them.