You can block top level domains(such as .ru, .cn) at Exchange server. Just don't block domains you'll might get legitimate email from.
In Exchange 2007 and Exchange 2010, you'll add domains to block on the Organization Configuration, Hub Transport, Anti-spam tab, Sender Filtering.
After adding the domains to the list, choose how the message should be handled on the Action tab: Reject message or Stamp it with blocked sender and continue processing.
After setting up the domains, right click on Sender Filtering and choose Enable, to enable the Sender Filtering rule.
Exchange 2003
In Exchange 2003, open the Exchange System Manager, expand your organization, Global Settings, right click on Message delivery and choose Properties. Add the domains you wish to block on the Sender filtering tab, using one of these formats:
alias@spammerdomain.com
*@spammerdomain.*
*@spammerdomain.com
*@*.spammerdomain.com
Because many spammers use fake addresses or domains, you may want to enable accept messages without notifying sender of filtering to reduce NDR traffic.
Filtering messages with blank subjects may filter read receipts.
You'll also need to enable the Sender filter on the SMTP server.
At an organization level, if I am wanting to set up a filter in my mail server, which only allows specific domains to send e-mails to my organization from, how do I go ahead and set this up. Example: My trusted domain is XYZ.com and the untrusted domain is XYZUSA.com and if I receive any e-mail from XYZUSA.com instead of XYZ.com, the mail box automatically filters that to the spam e-mail folder and only allows mails from XYZ.com. Can this be done for multiple domains?
In the opening paragraph you had indicated "filtering top level domains(such as .ru, .cn) at Exchange server. However, Exchange does not provide any facility to do so. You can filter specific domains, individuals, but not .ru, or .us, etc. Would you please elaborate on how exactly the top level domains are filtered? Thank you.
That applies to Exchange 2007 and 2010 - unfortunately, i no longer have either server to check, but i believe you put the domain in as .ru in Organization Configuration, Hub Transport, Anti-spam tab, Sender Filtering.
Thank you Stefan, good idea.
Thank you Marshall. I'm giving a try to your hint: hope it will work.
Working with Exchange 2007. When trying to block all messages from the .eu TLD, I enter in .eu, and it tells me that is not a valid SMTP domain. I enter a sender as *@*.eu, and I get the same error. If I enter the domain as "eu" (without quotes), it accepts it, but it does not filter the messages out. I found that the only way to filter was with a Transport Rule (Exchange Management Console>Organization Configuration>Hub Transport>Transport Rules tab> New Transport Rule. Set the condition to "when the From address contains text patterns" and set the pattern to the TLD in question (i.e., .biz, or .eu). Set the action to whatever you feel is appropriate (i.e., Silently drop the message).
Marshall thank you, I was wondering if your suggestion works (after so many months) and were you using just ".eu or .cn" or was it like a wild card " *@*.cn" thank you.
I am using the following regular expression in Exchange 2010 transport rules:
@\w*.ru(.ru)*$
Same for quite a few other domains.
The double usage of .ru is because otherwise it wouldn't block test@ru.ru
Works good!
The instructions for 2003 are not valid. In the sender filtering tab addresses must be entered in the form of "some name", name@spammer.domain, or @spammer.domain. You can not enter @*.in for example. What most of us are looking for is a way to block all .in or .ru top level domains for countries we do not do business with.
Try *@*.in, *@*.ru - it should work. You also need to enable sender filtering on the SMTP server, which I failed to mention. (I no longer have a running Ex2003 server to verify that it works with the TLD, rather than individual domains within a TLD. (*@*something.ru).)