You could probably do it with bash scripting. For instance, grep or cut their IPs from dig or nslookup and then pass that value to a variable to use within the specific chain in your script. You'll probably need to do a lookup of their mx records before you can block the appropriate IP addy. If you re-execute the script periodically with cron, it should reflect any address changes on their end. Actually, none of this may work at all, but it's how I would initially approach the situation. You also may be able to config something with your MTA (sendmail, postfix, etc) to achieve the same result a lot easier and cleaner. In fact, I would see what can be accomplished by configing your MTA before I tried to write some kind of crazy script.