Docs/Security Features/Geographic Blocking

Geographic Blocking

Filter email traffic based on the geographic location of the sender's IP address.

Overview

Geographic blocking allows you to accept or reject emails based on the country of origin of the sending IP address. This is particularly useful for organizations that only operate in specific regions or want to block known high-risk countries.

Note

Geographic blocking uses the MaxMind GeoLite2 database, which is updated automatically.

Blocking Modes

SecZim supports two geo-blocking modes:

Blocklist Mode

Block specific countries, allow everyone else. Best for blocking known high-risk regions.

Allowlist Mode

Allow only specific countries, block everyone else. Best for strict regional access control.

Configuration

Configure geo-blocking in the web interface under Settings → Geographic Blocking.

Enable Geo-Blocking

  • Toggle "Enable Geographic Blocking" to ON
  • Select your preferred mode (Blocklist or Allowlist)
  • Add countries using ISO country codes

Country Codes

Use standard ISO 3166-1 alpha-2 country codes:

Code Country Code Country
US United States CN China
RU Russia BR Brazil
DE Germany IN India
GB United Kingdom NG Nigeria

Apply to Inbound/Outbound

You can choose to apply geo-blocking to:

  • Inbound only: Block emails coming from blocked countries
  • Outbound only: Block emails being sent to blocked countries
  • Both: Apply geo-blocking in both directions
Warning

Enabling allowlist mode with a small country list may block legitimate emails. Always test thoroughly and consider using blocklist mode first.

Common High-Risk Countries

Based on spam and attack statistics, these countries are commonly blocked:

  • RU - Russia
  • CN - China
  • NG - Nigeria
  • VN - Vietnam
  • UA - Ukraine
  • PK - Pakistan

Whitelist Exceptions

Even when geo-blocking is enabled, you can whitelist specific IP addresses or email addresses that should bypass the geo-blocking check. Use the Access Control Lists feature to create these exceptions.

Viewing Geo-Block Events

All geo-block events are logged in the session tracking logs. You can view them:

  • In the web interface under Logs → Session Tracking
  • Filter by "geo_blocked" in the details column
  • Via the API at /api/v1/sessions?geo_blocked=true
Tip

Start with blocklist mode targeting the top spam-source countries. Monitor the logs for a week before making the rules more restrictive.