D-Link DFL-260E User Manual page 266
Network security firewall netdefendos version 2.27.03
Hide thumbs
Also See for DFL-260E:
- Reference manual (948 pages) ,
- Log reference manual (652 pages) ,
- User manual (589 pages)
Table of Contents
Advertisement
6.2.5. The SMTP ALG
Logging
There are three types of logging done by the Spam filtering module:
•
Logging of dropped or Spam tagged emails - These log messages include the source email
address and IP as well as its weighted points score and which DNSBLs caused the event.
•
DNSBLs not responding - DNSBL query timeouts are logged.
•
All defined DNBSLs stop responding - This is a high severity event since all email will be
allowed through if this happens.
Setup Summary
To set up DNSBL Spam filtering in the SMTP ALG, the following list summarizes the steps:
•
Specify the DNSBL servers that are to be used. There can be one or multiple. Multiple servers
can act both as backups to each other as well as confirmation of a sender's status.
•
Specify a weight for each server which will determine how important it is in deciding if email is
Spam or not in the calculation of a weighted sum.
•
Specify the thresholds for designating any email as Spam. If the weighted sum is equal or
greater than these then an email will be considered to be Spam. Two thresholds are specified:
i.
Spam Threshold - The threshold for tagging mail as spam.
ii.
Drop Threshold - The threshold for dropping mail.
The Spam Threshold should be less than the Drop Threshold. If the two are equal then only the
Drop Threshold applies.
•
Specify a textual tag to prefix to the Subject field of email designated as Spam.
•
Optionally specify an email address to which dropped email will be sent (as an alternative to
simply discarding it). Optionally specify that the TXT messages sent by the DNSBL servers that
failed are inserted into the header of these emails.
Caching Addresses for Performance
To speed processing NetDefendOS maintains a cache of the most recently looked-up sender "From"
addresses in local memory. If the cache becomes full then the oldest entry is written over first. There
are two parameters which can be configured for the address cache:
•
Cache Size
This is the number of entries that the cache can contain. If set to zero, the cache is not used.
Increasing the cache size increases the amount of NetDefendOS memory required for
Anti-Spam.
•
Cache Timeout
The timeout determines how long any address will be valid for once it is saved in the cache.
After this period of time has expired, a new query for a cached sender address must be sent to
the DNSBL servers.
The default value if 600 seconds.
The Anti-Spam address cache is emptied at startup or reconfiguration.
266
Chapter 6. Security Mechanisms
- Quick Links:
- The Web Interface
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
