Front Door Rejector

Often email servers come under attack generating from hundreds of IP addresses on the Internet. A high volume of emails in a short span can bring any email server to its knees. Front Door Rejector (FDR) is a mechanism to block emails coming before the message is sent for normal filtering.


Use Front Door Rejector as a last resort and only when you are under an attack. We also recommend removing these filters as soon as possible once you think the attack is over.
As the name suggests, this mechanism has the ability to reject incoming emails before going through the normal filtering process. This logic has both pros and cons. It helps improve the scalability of the overall system by reducing the load. On the other hand, there will be no trace if a good message gets rejected incorrectly.

There are three types of filters:
  1. IP Based
  2. Sender/Recipient
  3. Content


  • You must use build 6000 or above.
  • You must use the regular SMTP server. Front Door Rejector will NOT work with the proxy server. If you are using the proxy server, please see this page on how to switch from proxy to regular.
Done by adding AttackerIP.txt in $INSTALL_DIR\config folder. It holds one IP per line causing Xeams to reject emails from this IP address
Done by adding CustomRejection.dat file in $INSTALL_DIR\config folder . This file contains one rule per line. Each rule contains two tokens separated by three $ signs. The first token is for sender's email and second is for recipient. The phrase ALL signifies every sender or recipient. Regular expressions are accepted. For example:
The above example will reject senders containing *.top as their top-level-domain and the rule applies to EVERY recipient.

Sample File

# This file can be used to reject emails from certain senders or to certain recipients.
# Email rejected due to this file will NOT appear in Xeam's Admin Console and you will never
# if a legitimate sender gets blocked.
# It contains two tokens in each line separate by three $ signs. 
# The first token is for sender's email address and the second token is for recipient.
# You can either specify a complete email address, a regular expression or the phrase ALL that signifies EVERY sender or recipients. 
# For example:
#     [\S]*\.top$$$ALL
# will reject senders containing *.top as their top-level-domain and the rule will apply to EVERY recipient.
# Similarly, 
# will reject emails from if the recipient is

  • Locate the config folder, which is a sub-folder in the $INSTALL_DIR. A typical path on Windows is C:\Xeams\config and is /opt/Xeams/config on Linux.
  • Create a new text file called FrontDoorRejector.txt
  • Each line in this file is used as a search phrase for incoming emails. For example, if you're getting thousands of messages containing Russian Bride in the body, enter the following line:
    russian bride
  • Save the file. The system will read this file every 10 minutes and therefore, modifications to the file does not require a restart.


Although emails rejected using this mechanism will not be seen through the web interface, you can use the following method to create a log file.
  • Locate $INSTALL_DIR\logconfig.xml and open it up in any editor, such as Notepad.
  • Add the following two sections in the file
    <!-- Pasted this section where other appenders are located, usually towards the top --> <appender name="FRONTDOOR" class="org.apache.log4j.RollingFileAppender"> <param name="File" value="logs/FrontDoor.log" /> <param name="Append" value="true" /> <param name="MaxFileSize" value="5MB" /> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d %-5p %c{2} - %m%n"/> </layout> </appender> <!-- The following section goes where you see category nodes, towards the end of the file --> <category name="FrontDoorRejector" additivity="false"> <priority value="DEBUG" /> <appender-ref ref="FRONTDOOR"/> </category>
  • Save the file and restart Xeams.