beautypg.com

4 whitelist, 5 blacklist, 6 smtp and pop3 – ZyXEL Communications 5 Series User Manual

Page 288

background image

ZyWALL 5/35/70 Series User’s Guide

288

Chapter 15 Anti-Spam

The anti-spam external database checks for spoofing of e-mail attributes (like the IP address)
and uses statistical analysis to detect phishing.

15.1.4 Whitelist

Configure whitelist entries to identify legitimate e-mail. The whitelist entries have the
ZyWALL classify any e-mail that is from a specified sender or uses a specified MIME
(Multipurpose Internet Mail Extensions) header or MIME header value as being legitimate
(see

Section 15.1.7 on page 289

for more on MIME headers). The anti-spam feature checks an

e-mail against the whitelist entries before doing any other anti-spam checking. If the e-mail
matches a whitelist entry, the ZyWALL classifies the e-mail as legitimate and does not
perform any more anti-spam checking on that individual e-mail. A properly configured
whitelist helps keep important e-mail from being incorrectly classified as spam. The whitelist
can also increases the ZyWALL’s anti-spam speed and efficiency by not having the ZyWALL
perform the full anti-spam checking process on legitimate e-mail.

15.1.5 Blacklist

Configure blacklist entries to identify spam. The blacklist entries have the ZyWALL classify
any e-mail that is from a specified sender or uses a specified MIME (Multipurpose Internet
Mail Extensions) header or MIME header value as being spam. If an e-mail does not match
any of the whitelist entries, the ZyWALL checks it against the blacklist entries. The ZyWALL
classifies an e-mail that matches a blacklist entry as spam and immediately takes the action
that you configured for dealing with spam. The ZyWALL does not perform any more anti-
spam checking on that individual e-mail. A properly configured blacklist helps catch spam e-
mail and increases the ZyWALL’s anti-spam speed and efficiency.

15.1.6 SMTP and POP3

Simple Mail Transfer Protocol (SMTP) is the Internet’s message transport standard. It controls
the sending of e-mail messages between servers. E-mail clients (also called e-mail
applications) then use mail server protocols such as POP (Post Office Protocol) or IMAP
(Internet Message Access Protocol) to retrieve e-mail. E-mail clients also generally use SMTP
to send messages to a mail server. The older POP2 requires SMTP for sending messages while
the newer POP3 can be used with or without it. This is why many e-mail applications require
you to specify both the SMTP server and the POP or IMAP server (even though they may
actually be the same server).

The ZyWALL’s anti-spam feature checks SMTP (TCP port 25) and POP3 (TCP port 110) e-
mails. The anti-spam feature does not check (or act upon) e-mails that use other protocols
(such as IMAP) or other port numbers.

See also other documents in the category ZyXEL Communications Hardware: