Country blocking exception still not working ?

Please advise what software you are referring too?

Doesn't sound like UTM to me.

Hi,

Sorry. Forget to mention it:

Sophos UTM Home Edition

Version 9.411-3

Greetz Jaap

The main problem with country blocking and the UTM version does work is that the scamming countries can have a .ru or .vn suffix but be using a US based server so country blocking will fail every time.

Country blocking is really only good for that play fair which does not describe the bad guys. So you also need to look at suffix blocking for your mail and websites.

These are the trade offs if you want to implement real security.

Hi, thanx again :)

I 'm fully aware of the limitations of country blocking. It is just one in a row of security measures

But I am just surprised that this option doesn't work properly.

And, searching the forum on this subject, already for several years.

Greetz Jaap

Country blocking works as designed, using the assigned ip address ranges.

What you are looking for is country blocking based on suffix (wrong term but it will do) which you can setup your self, but requires it to be done for each proxy eg mail, web, etc.

Country blocking works as designed, using the assigned ip address ranges.

What you are looking for is country blocking based on suffix (wrong term but it will do) which you can setup your self, but requires it to be done for each proxy eg mail, web, etc.

Yes, we got caught out by this. We were sending mail to a .uk address but they were using trendmicro (japan) as their spam solution. Because the UTM blocked anything coming from Japan (in this case the spam server doing an rdns on us), our mail was blocked as it was seen as spam.

Hi,

I haven't used an IP-address or IP-range but DNS host type option.

You are saying that that doesn't work?

And what/how do you mean 'which you can do by your self'?

Greetz Jaap