the following actions based on the sum calculated:
1.
Dropped
If the sum is greater than or equal to a pre-defined Drop threshold then the email is considered
to be definitely SPAM and is discarded or alternatively sent to a single, special mailbox.
If it is discarded then the administrator has the option that an error message is sent back to the
sending SMTP server (this error message is similar to the one used with blacklisting).
2.
Flagged as SPAM
If the sum is greater than or equal to a pre-defined SPAM threshold then the email is considered
as probably being SPAM but forwarded to the recipient with notifying text inserted into it.
A Threshold Calculation Example
As an example, lets suppose that three DNSBL servers are configured: dnsbl1, dnsbl2 and dnsbl3.
Weights of 3, 2 and 2 are assigned to these respectively. The SPAM threshold is then set to be 5.
If dnsbl1 and dnsbl2 say an email is SPAM but dnsbl3 does not, then the total calculated will be
3+2+0=5. Since the total of 5 is equal to (or greater than) the threshold then the email will be treated
as SPAM.
If the Drop threshold in this example is set at 7 then all three DNSBL servers would have to respond
in order for the calculated sum to cause the email to be dropped (3+2+2=7).
Alternative Actions for Dropped SPAM
If the calculated sum is greater than or equal to the Drop threshold value then the email is not
forwarded to the intended recipient. Instead the administrator can choose one of two alternatives for
dropped email:
•
A special email address can be configured to receive all dropped email. If this is done then any
TXT messages sent by the DNSBL servers (described next) that identified the email as SPAM
can be optionally inserted by NetDefendOS into the header of the forwarded email.
•
If no receiver email address is configured for dropped emails then they are discarded by
NetDefendOS. The administrator can specify that an error message is sent back to the sender
address along with the TXT messages from the DNSBL servers that failed the email.
Tagging SPAM
If an email is considered to be probably SPAM because the calculated sum is above the SPAM
threshold but it is below the Drop threshold, then the Subject field of the email is changed and
pre-fixed with a message and the email is forwarded on to the intended recipient. The tag message
text is specified by the administrator but can be left blank (although that is not recommended).
An example of tagging might be if the original Subject field is:
Buy this stock today!
And if the tag text is defined to be "*** SPAM ***", then the modified email's Subject field will
become:
*** SPAM *** Buy this stock today!
6.2.5. The SMTP ALG
Chapter 6. Security Mechanisms
212
Содержание 800 - DFL 800 - Security Appliance
Страница 24: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 24 ...
Страница 69: ...2 6 4 Restore to Factory Defaults Chapter 2 Management and Maintenance 69 ...
Страница 121: ...3 9 DNS Chapter 3 Fundamentals 121 ...
Страница 166: ...interfaces without an overriding IGMP Setting Default 1 000 4 6 4 Advanced IGMP Settings Chapter 4 Routing 166 ...
Страница 181: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 181 ...
Страница 192: ...5 5 IP Pools Chapter 5 DHCP Services 192 ...
Страница 282: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 282 ...
Страница 300: ...mechanism 7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 300 ...
Страница 301: ...7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 301 ...
Страница 303: ... Changed on a regular basis such as every three months 8 1 Overview Chapter 8 User Authentication 303 ...
Страница 318: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 318 ...
Страница 322: ...ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 322 ...
Страница 377: ...Management Interface Failure with VPN Chapter 9 VPN 377 ...
Страница 408: ...10 4 6 SLB_SAT Rules Chapter 10 Traffic Management 408 ...
Страница 419: ...11 5 HA Advanced Settings Chapter 11 High Availability 419 ...
Страница 426: ...12 3 5 Limitations Chapter 12 ZoneDefense 426 ...
Страница 449: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 449 ...