ePrism User Guide - EdgeWave

More documents

Recommendations

Info

Anti-Spam Features Anti-Spam Feature Overview The following sections provide an overview of ePrism’s Anti-Spam features. ePrism’s Anti-Spam Tools ePrism contains built-in spam controls that have been developed to take advantage of its extensive mail control features. ePrism provides flexible tools for creating local exceptions, managing whitelists and blacklists, and controlling undesirable content. ePrism’s anti-spam controls include the following features: • RBL (Realtime Blackhole Lists) to reject known spam sources. • DCC (Distributed Checksum Clearinghouse) to control bulk mail. • STA (Statistical Token Analysis) for advanced statistical analysis. ePrism works by applying increasing levels of filtering as follows: 1. Filter message based on the server sending the initial connection request. 2. Filter message based on message envelope contents. 3. Look up the source server in the RBL lists. 4. Determine if the message is bulk-mail via DCC. 5. Apply sophisticated analysis to the content via STA. Flexible dispositions enable the filtered mail to be quarantined, rejected, or classified in the subject header to be captured by the mail client. See “ePrism Anti-Spam Controls” on page 102 for detailed information on configuring ePrism’s built-in anti-spam features. 98
Email Spam Processing Email Spam Processing ePrism applies a series of filters to messages beginning with the simplest and proceeding to the most complex. The sequence is as follows: 1. Various SMTP connection checks are performed for items such as unauthorized pipelining commands, non-FQDN senders, unknown sender domains, and so on. 2. The source of the message is compared against a locally specified Specific Access Pattern. If found, it may be "rejected" or "accepted" for immediate delivery or relay. 3. ePrism will apply locally specified attachment, malformation, and virus checks on the contents of the message. 4. The message is passed through the OCF (Objectionable Content Filter) which searches for objectionable text within a message. 5. The message is passed through Pattern Based Message Filters that look for a text or pattern match against a specified part of the message. If a filter rule is triggered, an associated action is executed such as "reject" or "accept" for immediate delivery. Any defined Trusted Senders will allow mail to bypass the rest of the spam controls. 6. Mail is processed for spam only if it arrives from an "untrusted" source. This is defined as any system not on the local network or not specifically "trusted" by the administrator. 7. The source of the message is checked to see it is listed on an RBL (Real-time Blackhole List), if enabled. The message may be rejected, quarantined, or tagged and delivered as required. 8. The message is checked by DCC, if enabled, which reports if the message is "bulk" or has been reported on the Internet a certain number of times to be classified as "bulk". If this value exceeds the local threshold, the message may be rejected, quarantined, or tagged and delivered as required. 9. The message is checked by STA, if enabled, to see if its contents exceed a locally specified threshold for spam. If so, the message may be rejected, quarantined, or tagged and delivered as required. 10. Prior to delivery, ePrism will check to see if this message was relayed. See “Message Processing Order” on page 271 for a summary of the message processing order. 99
Page 1:
M1000, M2000, M3000 ePrism User Gui
Page 4 and 5:
Malformed Messages 83 Attachment Co
Page 6 and 7:
APPENDIX A Using the ePrism System
Page 8 and 9:
• ePrism Installation Guide — P
Page 10 and 11:
ePrism Overview What’s New in ePr
Page 12 and 13:
ePrism Overview ePrism Overview ePr
Page 14 and 15:
ePrism Overview Virus Scanning The
Page 16 and 17:
ePrism Overview HALO (High Availabi
Page 18 and 19:
ePrism Overview display this inform
Page 20 and 21:
ePrism Overview ePrism on the DMZ D
Page 22 and 23:
ePrism Overview Malformed Content,
Page 24 and 25:
ePrism Overview 22
Page 26 and 27:
Administering ePrism Connecting to
Page 28 and 29:
Administering ePrism • Anti-Virus
Page 30 and 31:
Administering ePrism Configuring th
Page 32 and 33:
Administering ePrism 4. Select the
Page 34 and 35:
Administering ePrism Customizing th
Page 36 and 37:
Configuring Mail Delivery Settings
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51: Configuring Mail Delivery Settings
Page 56 and 57: Directory Services Directory Servic
Page 58 and 59: Directory Services Directory Server
Page 60 and 61: Directory Services Directory Groups
Page 62 and 63: Directory Services • Start Time
Page 64 and 65: Directory Services Base: Searches t
Page 66 and 67: Directory Services Mirror LDAP Acco
Page 68 and 69: Directory Services Base: Searches t
Page 70 and 71: Directory Services • Search Base
Page 72 and 73: Directory Services • Directory Se
Page 74 and 75: Directory Services 3. Select Basic
Page 76 and 77: Directory Services LDAP Routing LDA
Page 78 and 79: Directory Services 76
Page 80 and 81: Configuring Email Security SMTP Mai
Page 82 and 83: Configuring Email Security Anti-Vir
Page 84 and 85: Configuring Email Security outbound
Page 86 and 87: Configuring Email Security Reject m
Page 88 and 89: Configuring Email Security • Acti
Page 90 and 91: Configuring Email Security SPF (Sen
Page 92 and 93: Configuring Email Security Encrypti
Page 94 and 95: Configuring Email Security Select M
Page 96 and 97: Configuring Email Security Install
Page 98 and 99: Configuring Email Security Intermed
Page 102 and 103: Anti-Spam Features Anti-Spam Strate
Page 104 and 105: Anti-Spam Features ePrism Anti-Spam
Page 106 and 107: Anti-Spam Features Specific Access
Page 108 and 109: Anti-Spam Features Matching Rules S
Page 110 and 111: Anti-Spam Features Email Message St
Page 112 and 113: Anti-Spam Features Select the Messa
Page 114 and 115: Anti-Spam Features Note: Although t
Page 116 and 117: Anti-Spam Features 114
Page 118 and 119: Anti-Spam Features • Reject mail
Page 120 and 121: Anti-Spam Features • Enable RBLs
Page 122 and 123: Anti-Spam Features Configuring DCC
Page 124 and 125: Anti-Spam Features DCC Servers The
Page 126 and 127: Anti-Spam Features earn millions!!!
Page 128 and 129: Anti-Spam Features Setting Threshol
Page 130 and 131: Anti-Spam Features Note: During the
Page 132 and 133: Anti-Spam Features Uploaded — Ent
Page 134 and 135: Anti-Spam Features Troubleshooting
Page 136 and 137: Anti-Spam Features WebMail access m
Page 138 and 139: Anti-Spam Features Spam Quarantine
Page 140 and 141: Anti-Spam Features • Allow releas
Page 142 and 143: Anti-Spam Features In User Accounts
Page 144 and 145: Anti-Spam Features • Reject on un
Page 146 and 147: User Accounts and Remote Authentica
Page 148 and 149: User Accounts and Remote Authentica
Page 150 and 151:
User Accounts and Remote Authentica
Page 152 and 153:
Page 154 and 155:
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Secure WebMail and ePrism Mail Clie
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Policy Management Policy Overview e
Page 172 and 173:
Policy Management Anti-Spam Scenari
Page 174 and 175:
Policy Management Enter the domain
Page 176 and 177:
Policy Management Step 5: Configure
Page 178 and 179:
Policy Management 176
Page 180 and 181:
System Management System Status and
Page 182 and 183:
System Management Current Admin and
Page 184 and 185:
System Management Quarantine Manage
Page 186 and 187:
System Management License Managemen
Page 188 and 189:
System Management Software Updates
Page 190 and 191:
System Management Reboot and Shutdo
Page 192 and 193:
System Management Starting a Backup
Page 194 and 195:
System Management • Backup system
Page 196 and 197:
System Management Restoring from Ba
Page 198 and 199:
System Management You can view the
Page 200 and 201:
System Management Configuring Centr
Page 202 and 203:
System Management Using the Managem
Page 204 and 205:
System Management Problem Reporting
Page 206 and 207:
HALO (High Availability and Load Op
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214 and 215:
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Reporting Viewing and Generating Re
Page 226 and 227:
Reporting Reports that have been pr
Page 228 and 229:
Reporting Click the Generate Now bu
Page 230 and 231:
Reporting TABLE 1. Reporting Field
Page 232 and 233:
Reporting Creating Report Filters Y
Page 234 and 235:
Reporting Search Search for specifi
Page 236 and 237:
Reporting Viewing the System Histor
Page 238 and 239:
Reporting TABLE 2. System Database
Page 240 and 241:
Reporting Disabling Reporting The r
Page 242 and 243:
Monitoring System Activity Activity
Page 244 and 245:
Monitoring System Activity System L
Page 246 and 247:
Monitoring System Activity Configur
Page 248 and 249:
Monitoring System Activity Configur
Page 250 and 251:
Monitoring System Activity Alarms e
Page 252 and 253:
Monitoring System Activity System A
Page 254 and 255:
Troubleshooting Mail Delivery Troub
Page 256 and 257:
Troubleshooting Mail Delivery Exami
Page 258 and 259:
Troubleshooting Mail Delivery TABLE
Page 260 and 261:
Troubleshooting Mail Delivery Netwo
Page 262 and 263:
Troubleshooting Mail Delivery SMTP
Page 264 and 265:
Troubleshooting Mail Delivery Trace
Page 266 and 267:
Troubleshooting Mail Delivery Displ
Page 268 and 269:
Using the ePrism System Console Pre
Page 270 and 271:
Using the ePrism System Console 268
Page 272 and 273:
Restoring ePrism to Factory Default
Page 274 and 275:
Message Processing Order 23. DCC (D
Page 276 and 277:
Customizing Notification and Annota
Page 278 and 279:
Performance Tuning Setting Default
Page 280 and 281:
Performance Tuning Maximum Number o
Page 282 and 283:
Performance Tuning Number of DB Pro
Page 284 and 285:
Performance Tuning 282
Page 286 and 287:
SNMP MIBS TABLE 1. Memory Usage and
Page 288 and 289:
SNMP MIBS Alarm Objects TABLE 5. Al
Page 290 and 291:
SNMP MIBS .1.11.10.2.2 = bwProducts
Page 292 and 293:
SNMP MIBS .11.4.0 = systemStats.ssS
Page 294 and 295:
Third Party Copyrights and Licenses
Page 296 and 297:
Page 298 and 299:
Page 300 and 301:
Page 302 and 303:
Page 304 and 305:
Page 306 and 307:
Page 308 and 309:
Page 310 and 311:
Page 312 and 313:
Page 314 and 315:
Default Logo 32 Default Mail Relay
Page 316 and 317:
Personal Quarantine Controls 161 Pi
Page 318 and 319:
V Vacation Notification 154 Very Ma
show all

ePrism User Guide - EdgeWave

Create successful ePaper yourself

Delete template?

Save as template?