Chapter 34 Anti-Spam
ZyWALL USG 50 User’s Guide
566
Black List
Configure black list entries to identify spam. The black list entries have the
ZyWALL classify any e-mail that is from or forwarded by a specified IP address or
uses a specified header field and header value as being spam. If an e-mail does
not match any of the white list entries, the ZyWALL checks it against the black list
entries. The ZyWALL classifies an e-mail that matches a black list entry as spam
and immediately takes the configured action for dealing with spam. If an e-mail
matches a black list entry, the ZyWALL does not perform any more anti-spam
checking on that individual e-mail. A properly configured black list helps catch
spam e-mail and increases the ZyWALL’s anti-spam speed and efficiency.
SMTP and POP3
Simple Mail Transfer Protocol (SMTP) is the Internet’s message transport
standard. It controls the sending of e-mail messages between servers. E-mail
clients (also called e-mail applications) then use mail server protocols such as POP
(Post Office Protocol) or IMAP (Internet Message Access Protocol) to retrieve
e-mail. E-mail clients also generally use SMTP to send messages to a mail server.
The older POP2 requires SMTP for sending messages while the newer POP3 can be
used with or without it. This is why many e-mail applications require you to specify
both the SMTP server and the POP or IMAP server (even though they may actually
be the same server).
The ZyWALL’s anti-spam feature checks SMTP (TCP port 25) and POP3 (TCP port
110) e-mails. The anti-spam feature does not check (or act upon) e-mails that use
other protocols (such as IMAP) or other port numbers.
E-mail Headers
Every e-mail has a header and a body. The header is structured into fields and
includes the addresses of the recipient and sender, the subject, and other
information about the e-mail and its journey. The body is the actual message text
and any attachments. You can have the ZyWALL check for specific header fields
with specific values.
E-mail programs usually only show you the To:, From:, Subject:, and Date:
header fields but there are others such as Received: and Content-Type:. To see all
of an e-mail’s header, you can select an e-mail in your e-mail program and look at
its properties or details. For example, in Microsoft’s Outlook Express, select a mail
and click File > Properties > Details. This displays the e-mail’s header. Click
Message Source to see the source for the entire mail including both the header
and the body.
E-mail Header Buffer Size
The ZyWALL has a 5 K buffer for an individual e-mail header. If an e-mail’s header
is longer than 5 K, the ZyWALL only checks up to the first 5 K.
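The checking order from the Black List section and the 5 K header limit can be modeled as follows. This is an added example, not ZyWALL code. Reading 5 K as 5120 bytes, the case-insensitive substring match on header values, the verdict names and the sample entries and message are assumptions made for illustration.

```python
import email
import re

HEADER_WINDOW = 5 * 1024  # "5 K" read as 5120 bytes (assumption)

def header_block(raw: bytes) -> bytes:
    """Everything before the first blank line of the message."""
    return re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]

def matches(msg, entries) -> bool:
    """True if any (field, value) entry matches a header in msg.
    Case-insensitive substring matching is an assumption."""
    return any(value.lower() in str(found).lower()
               for field, value in entries
               for found in msg.get_all(field, []))

def classify(raw: bytes, white, black):
    """Return (verdict, fully_inspected) for one message.

    The white list is consulted first, then the black list; a black list hit
    ends checking. Only the first HEADER_WINDOW bytes of the header are seen.
    """
    header = header_block(raw)
    msg = email.message_from_bytes(header[:HEADER_WINDOW] + b"\n\n")
    fully_inspected = len(header) <= HEADER_WINDOW
    if matches(msg, white):
        verdict = "white-list"   # black list is not consulted
    elif matches(msg, black):
        verdict = "spam"         # configured spam action, no further checks
    else:
        verdict = "continue"     # later checks (for example DNSBL) still run
    return verdict, fully_inspected

# Constructed list entries and message, for illustration only.
WHITE = [("From", "@partner.example")]
BLACK = [("X-Mailer", "BulkSender")]
SAMPLE = (b"From: news@sender.example\r\n"
          b"X-Mailer: BulkSender 2.0\r\n"
          b"Subject: offer\r\n\r\nbody text\r\n")

if __name__ == "__main__":
    print(classify(SAMPLE, WHITE, BLACK))
```

A False second value means part of the header lay outside the inspected window, so header entries in that part were not evaluated. Logging such messages lets a downstream mail filter or a reviewer account for the limit.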
DNSBL
A DNS Black List (DNSBL) is a server that hosts a list of IP addresses known or
suspected of having sent or forwarded spam. A DNSBL is also known as a DNS
spam blocking list. The ZyWALL can check the routing addresses of e-mail against
DNSBLs and classify an e-mail as spam if it was sent or forwarded by a computer
with an IP address in the DNSBL.
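A DNSBL lookup is an ordinary DNS query that follows the convention in RFC 5782: the octets of the IP address are reversed, the list's zone is appended, and an A record in 127.0.0.0/8 means the address is listed. The following added example (not ZyWALL code) applies that to the addresses in Received: fields. The zone dnsbl.example, the sample header, taking the routing addresses from Received: fields and skipping internal addresses are assumptions.

```python
import ipaddress
import re
import socket

# Internal ranges that a public DNSBL cannot say anything about (assumption).
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def relay_ips(header: str):
    """Non-internal IPv4 addresses from Received: fields, in header order."""
    ips = []
    for line in re.sub(r"\r?\n[ \t]+", " ", header).splitlines():  # unfold
        if not line.lower().startswith("received:"):
            continue
        for text in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", line):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:  # not a valid address, e.g. [999.1.1.1]
                continue
            if ip not in ips and not any(ip in net for net in INTERNAL):
                ips.append(ip)
    return ips

def dnsbl_query_name(ip, zone: str) -> str:
    """Reversed octets prepended to the list's zone (RFC 5782)."""
    return ".".join(reversed(str(ip).split("."))) + "." + zone

def resolve_a(name: str):
    """Default resolver: the A record as text, or None if there is no answer."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def listed_relays(header: str, zone: str, resolve=resolve_a):
    """Relay addresses for which the DNSBL answers inside 127.0.0.0/8."""
    hits = []
    for ip in relay_ips(header):
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer and answer.startswith("127."):
            hits.append(str(ip))
    return hits

# Constructed zone and header (documentation address ranges), illustration only.
ZONE = "dnsbl.example"
SAMPLE_HEADER = (
    "Received: from mx.sender.example\r\n\t([203.0.113.7]) by mail.example\r\n"
    "Received: from desk.lan ([192.168.1.10]) by mx.sender.example\r\n"
    "Received: from relay.example ([198.51.100.23]) by desk.lan\r\n")
```

Passing a stub as `resolve` keeps the check offline for testing; with the default resolver, a timeout is treated the same as "not listed".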
Finding Out More
See Section 34.7 on page 578 for more background information on anti-spam.
34.2 Before You Begin
Configure your zones before you configure anti-spam.
34.3 The Anti-Spam General Screen
Click Configuration > Anti-X > Anti-Spam to open the Anti-Spam General
screen. Use this screen to turn the anti-spam feature on or off and manage
anti-spam policies. You can also select the action the ZyWALL takes when the mail
sessions threshold is reached.
Figure 325 Configuration > Anti-X > Anti-Spam > General
The following table describes the labels in this screen.
Table 164 Configuration > Anti-X > Anti-Spam > General

LABEL
    DESCRIPTION

Show Advance Settings / Hide Advance Settings
    Click this button to display a greater or lesser number of configuration
    fields.

General Settings

Enable Anti-Spam
    Select this check box to check SMTP (TCP port 25) and POP3 (TCP port 110)
    traffic for spam e-mail.

Action taken when mail sessions threshold is reached
    An e-mail session is when an e-mail client and e-mail server (or two
    e-mail servers) connect through the ZyWALL. Select how to handle
    concurrent e-mail sessions that exceed the maximum number of concurrent
    e-mail sessions that the anti-spam feature can handle. See the chapter of
    product specifications for the threshold.

    Select Forward Session to have the ZyWALL allow the excess e-mail sessions
    without any spam filtering.

    Select Drop Session to have the ZyWALL drop mail connections to stop the
    excess e-mail sessions. The e-mail client or server will have to
    re-attempt to send or receive e-mail later when the number of e-mail
    sessions is under the threshold.

Policy Summary

Add
    Click this to create a new entry. Select an entry and click Add to create
    a new entry after the selected entry.

Edit
    Select an entry and click this to be able to modify it.

Remove
    Select an entry and click this to delete it.

Activate
    To turn on an entry, select it and click Activate.

Inactivate
    To turn off an entry, select it and click Inactivate.

Move
    To change an entry’s position in the numbered list, select it and click
    Move to display a field to type a number for where you want to put that
    entry and press [ENTER] to move the entry to the number that you typed.

Status
    The activate (light bulb) icon is lit when the entry is active and dimmed
    when the entry is inactive.

Priority
    This is the position of an anti-spam policy in the list. The ordering of
    your anti-spam policies is important as the ZyWALL applies them in
    sequence. Once traffic matches an anti-spam policy, the ZyWALL applies
    that policy and does not check the traffic against any more policies.

From
    The anti-spam policy has the ZyWALL scan e-mail traffic that is coming
    from this zone and going to the To zone.

To
    The anti-spam policy has the ZyWALL scan e-mail traffic that is going to
    this zone from the From zone.

Protocol
    These are the protocols of traffic to scan for spam. SMTP applies to
    traffic using TCP port 25. POP3 applies to traffic using TCP port 110.

Apply
    Click Apply to save your changes back to the ZyWALL.

Reset
    Click Reset to return the screen to its last-saved settings.

34.3.1 The Anti-Spam Policy Add or Edit Screen
Click the Add or Edit icon in the Configuration > Anti-X > Anti-Spam >
General screen to display the configuration screen as shown next. Use this screen
to configure an anti-spam policy that controls what traffic direction of e-mail to
check, which e-mail protocols to scan, the scanning options, and the action to take
on spam traffic.
Figure 326 Configuration > Anti-X > Anti-Spam > General > Add
The following table describes the labels in this screen.
Table 165 Configuration > Anti-X > Anti-Spam > General > Add

LABEL
    DESCRIPTION

Enable Policy
    Select this check box to have the ZyWALL apply this anti-spam policy to
    check e-mail traffic for spam.

Log
    Select how the ZyWALL is to log the event when the DNSBL times out or an
    e-mail matches the white list, black list, or DNSBL.

    no: Do not create a log.

    log: Create a log on the ZyWALL.

    log alert: An alert is an e-mailed log for more serious events that may
    need more immediate attention. Select this option to have the ZyWALL send
    an alert.

From
To
    Select source and destination zones for traffic to scan for spam. The
    anti-spam policy has the ZyWALL scan traffic coming from the From zone
    and going to the To zone.

Protocols to Scan
    Select which protocols of traffic to scan for spam.

    SMTP applies to traffic using TCP port 25.

    POP3 applies to traffic using TCP port 110.
