Skip to main content
My preferencesSign out
Proofpoint, Inc.

Filter mail from a specific Country of Origin

Situation You are receiving spam and/or phishing emails from a country that your company does not normally have dealings with.
Solution Create an Inbound Filter to quarantine emails from specific country of origin.

Create inbound filter to quarantine based on country of origin

The Client GeoIP Lookup field in the detail for a specific message tells you its Country of Origin.

  1. Navigate to Security Settings > Email > Filter Policies.
  2. Create a new Filter with Direction Inbound. Name it something appropriate e.g. Geo IP Block.

    New Filter.JPG

  3. Set the scope to Company Level and configure the filter logic as follows:
    IF Client IP Country IS [Country of Origin e.g. Algeria]
    DO Quarantine
    AND Require Admin Privileges to Release **Optional Step** 

    Filter Logic1.JPG
  4. Click Save

Once created, you can edit the filter or check its usage stats

Adjusting the Filter Logic

By slightly modifying this logic, it is possible to create a filter to lock down accepted traffic from a specified country of origin.

Lockdown.JPG

IF Client IP Country IS NOT [List of Countries]
DO Quarantine