CODEWITHSUNDEEP
emailblocksendgridspam
user35546
user35546

Reputation: 65

Blocking Spam from Sendgrid

Since July 3, we have been receiving hundreds of spam emails from Sendgrid, through Rackspace to our emails.

I have blacklisted the full SendGrid IP range 192.254.125.xxx

I have blacklisted the sender email - [email protected]

I have blacklisted the sender domain - smecos.best

I have verified that there is no entry on our whitelist for it.

Does anyone have an idea on how to block this?

Delivered-To:   [email protected]
Return-Path:    <[email protected]>
Delivered-To:   [email protected]
Received:   from director12.mail.ord1d.rsapps.net ([172.27.255.8]) by backend25.mail.ord1d.rsapps.net with LMTP id OALhG8KxBF9jTAAAANS3aA for <[email protected]>; Tue, 07 Jul 2020 13:32:50 -0400
Received:   from proxy10.mail.iad3a.rsapps.net ([172.27.255.8]) by director12.mail.ord1d.rsapps.net with LMTP id WBInGcKxBF/cKgAAIasKDg ; Tue, 07 Jul 2020 13:32:50 -0400
Received:   from smtp15.gate.iad3a ([172.27.255.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy10.mail.iad3a.rsapps.net with LMTP id QPz7EsKxBF80MAAAnQ/bqA ; Tue, 07 Jul 2020 13:32:50 -0400
Return-Path:    <[email protected]>
X-Spam-Exception:   WHITELISTED
X-Spam-Threshold:   95
X-Spam-Score:   100
X-MS-Exchange-Organization-SCL:     9
Precedence:     junk
X-Spam-Flag:    YES
X-Virus-Scanned:    OK
X-Orig-To:  [email protected]
X-Originating-Ip:   [192.254.125.54]
Authentication-Results:     smtp15.gate.iad3a.rsapps.net; iprev=pass policy.iprev="192.254.125.54"; spf=pass smtp.mailfrom="[email protected]" smtp.helo="o19225412554.outbound-mail.sendgrid.net"; dkim=pass header.d=sendgrid.net; dmarc=none (p=nil; dis=none) header.from=smecos.best
X-Suspicious-Flag:  NO
X-Classification-ID:    e0a3814e-c077-11ea-8ea3-525400f46865-1-1
Received:   from [192.254.125.54] ([192.254.125.54:40911] helo=o19225412554.outbound-mail.sendgrid.net) by smtp15.gate.iad3a.rsapps.net (envelope-from <[email protected]>) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=AES256-GCM-SHA384) id 69/3D-03017-1C1B40F5; Tue, 07 Jul 2020 13:32:49 -0400
DKIM-Signature:     v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendgrid.net; h=content-type:from:subject:to; s=smtpapi; bh=kfSTUxrtrj7Cfftqpn3LN0WgHvE5kCnC+uOSG98vgVw=; b=h9mc6mDQC6rOc ccC9wL3Kli8FNwOSt5jau76QDpLrBAbHKhT396C0WbX2/KSD3uThrlp4nUXnvjSz r89bSPYTB6MJrgneNAlDS8NUaLi+NsKiUoR2rzuNp4DiS7srNyXLmpiDD2CT1ngR 1sWo8vVID+7G9+Zj/LmG4Hf8n1JV44=
Received:   by filter1449p1las1.sendgrid.net with SMTP id filter1449p1las1-6945-5F04B1AF-2 2020-07-07 17:32:31.196480369 +0000 UTC m=+669233.137313263
Received:   from localhost.local (unknown) by ismtpd0002p1lon1.sendgrid.net (SG) with ESMTP id ubRiQA93Qiu1jVJoiOUwWA for <[email protected]>; Tue, 07 Jul 2020 17:32:30.923 +0000 (UTC)
Content-Type:   text/html;
From:   LeafFilter Promotion <[email protected]>
Subject:    Clean-Flowing Gutters For Life. NOW 10% Off
To:     [email protected]
Date:   Tue, 07 Jul 2020 17:32:31 +0000 (UTC)
Message-ID:     <[email protected]>
X-SG-EID:   pcWxy9UBUtUw1gLvETZLKtJE+upTXkXQzSeXVboYOfj8445+b2JsYfGgCpUWh8jVevl8/mhHKM7/bO cH66Ixkc6hUTlPM1+gw7fPZ+GgUnTm9aSlAe3BVn04Ij2UoKzBcvDZTSeQ36bqJOD3LuCa3N042M5N 5w7kLpwCQtqtjsCrM4HXT078AKROMUSpgkSXwz0ZXJbX5V+mjjJlMheILWef2HZCdQIqmghlz64LFz s=

Upvotes: 0

Views: 3472

Answers (1)

Anonymous
Anonymous

Reputation: 11

Postfix Filter header_checks.pcre on

/^Message-ID: .*\.sendgrid\.net\>$/ REJECT spam emails from Sendgrid

Upvotes: 1

Related Questions