beautypg.com

Amer Networks E5Web GUI User Manual

Page 405

background image

X-Spam-TXT-Records - A list of TXT records sent by the DNSBL servers that identified the
email as Spam.

X-Spam_Sender-IP - IP address used by the email sender.

These fields can be referred to in filtering rules set up by the administrator in mail server
software.

Allowing for Failed DNSBL Servers

If a query to a DNSBL server times out then cOS Core will consider that the query has failed and
the weight given to that server will be automatically subtracted from both the Spam and Drop
thresholds for the scoring calculation done for that email.

If enough DNSBL servers do not respond then this subtraction could mean that the threshold
values become negative. Since the scoring calculation will always produce a value of zero or
greater (servers cannot have negative weights) then all email will be allowed through if both the
Spam and Drop thresholds become negative.

A log message is generated whenever a configured DNSBL server does not respond within the
required time. This is done only once at the beginning of a consecutive sequence of response
failures from a single server to avoid unnecessarily repeating the message.

Verifying the Sender Email

As part of the Anti-Spam module, the option exists to check for a mismatch of the "From" address
in the SMTP protocol command with the actual email header "From" address. Spammers can
deliberately make these different to get email past filters so this feature provides an extra check
on email integrity.

If a mismatch is detected, one of two actions can be configured:

The email is dropped.

Allow the email to pass but tag it using the configured spam tag.

When sender address verification is enabled, there is an additional option to only compare the
domain names in the "From" addresses.

Logging

There are three types of logging done by the Spam filtering module:

Logging of dropped or Spam tagged emails - These log messages include the source email
address and IP as well as its weighted points score and which DNSBLs caused the event.

DNSBLs not responding - DNSBL query timeouts are logged.

All defined DNBSLs stop responding - This is a high severity event since all email will be
allowed through if this happens.

Setup Summary

To set up DNSBL Spam filtering in the SMTP ALG, the following list summarizes the steps:

Chapter 6: Security Mechanisms

405

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: