Forum Discussion
Enhanced Filtering for Connectors Mailchimp Spoof intra-org
Hi, We have a hybrid exchange setup. Our mx-records points to a on-premise third-party anti-spam server. This server sends mails to another internal relay-server who sends it to our on-premise ex...
The Rocket Science Group ranges aren't that fragmented. The following mail flow rule doesn't do what you want but might inspire others on this forum. I haven't checked the ranges in some time but my recipients don't report any spam traceable back to RSG:
New-TransportRule -Name 'Filter Mandrill from Mailchimp spam'
-Comments 'Pushes Mailchimp spam to SCL 7. Exempts Mandrill and domains for which we tolerate Mailchimp
-Mode Enforce
-SenderIpRanges 148.105.0.0/16, 198.2.128.0/18, 205.201.128.0/20
-ExceptIfSenderIpRanges 205.201.139.0/24, 205.201.136.0/23, 205.201.134.128/25, 205.201.131.128/25, 198.2.186.0/23, 198.2.180.0/24, 198.2.178.0/23, 198.2.177.0/24, 198.2.136.0/23, 198.2.132.0/22, 198.2.128.0/24
-ExceptIfSenderDomainIs 'exempted-domain.one', 'exempted-domain.two', 'mailchimp.com'
-PrependSubject '[BULK NETWORK] '
-SetAuditSeverity 'Low'
-ApplyHtmlDisclaimerLocation Prepend
-ApplyHtmlDisclaimerFallbackAction Wrap
-ApplyHtmlDisclaimerText '<br>
<div style="font-size:11pt; font-family: ''Calibri'',sans-serif;">
<div style="background-color:#FFFCE3; border:1px dotted #003333; padding:.8em; ">
<p align=center style="font-size:11pt; line-height:11pt; font-family:''Calibri'',serif;">
This e-mail is tagged. See <a href="https://tenancy.sharepoint.com/sites/mydept/SitePages/E-mail-tags.aspx"> https://tenancy.sharepoint.com/sites/mydept/SitePages/E-mail-tags.aspx</a> for more information.
<br><br>
----------------------------------------------------------------------------------------------------------------------------------------------<br><br>
</p>
</div>'
-SetSCL 7
New-TransportRule -Name 'Filter Mandrill from Mailchimp spam'
-Comments 'Pushes Mailchimp spam to SCL 7. Exempts Mandrill and domains for which we tolerate Mailchimp
-Mode Enforce
-SenderIpRanges 148.105.0.0/16, 198.2.128.0/18, 205.201.128.0/20
-ExceptIfSenderIpRanges 205.201.139.0/24, 205.201.136.0/23, 205.201.134.128/25, 205.201.131.128/25, 198.2.186.0/23, 198.2.180.0/24, 198.2.178.0/23, 198.2.177.0/24, 198.2.136.0/23, 198.2.132.0/22, 198.2.128.0/24
-ExceptIfSenderDomainIs 'exempted-domain.one', 'exempted-domain.two', 'mailchimp.com'
-PrependSubject '[BULK NETWORK] '
-SetAuditSeverity 'Low'
-ApplyHtmlDisclaimerLocation Prepend
-ApplyHtmlDisclaimerFallbackAction Wrap
-ApplyHtmlDisclaimerText '<br>
<div style="font-size:11pt; font-family: ''Calibri'',sans-serif;">
<div style="background-color:#FFFCE3; border:1px dotted #003333; padding:.8em; ">
<p align=center style="font-size:11pt; line-height:11pt; font-family:''Calibri'',serif;">
This e-mail is tagged. See <a href="https://tenancy.sharepoint.com/sites/mydept/SitePages/E-mail-tags.aspx"> https://tenancy.sharepoint.com/sites/mydept/SitePages/E-mail-tags.aspx</a> for more information.
<br><br>
----------------------------------------------------------------------------------------------------------------------------------------------<br><br>
</p>
</div>'
-SetSCL 7