ZyXEL Communications USG 2000 User Manual
Chapter 38 Anti-Spam
ZyWALL USG 2000 User’s Guide
665
If the ZyWALL receives conflicting DNSBL replies for an e-mail routing IP address,
the ZyWALL classifies the e-mail as spam. Here is an example.
the ZyWALL classifies the e-mail as spam. Here is an example.
Figure 448 Conflicting DNSBL Replies Example
1
The ZyWALL receives an e-mail that was sent from IP address a.b.c.d and relayed
by an e-mail server at IP address w.x.y.z. The ZyWALL sends a separate query to
each of its DNSBL domains for IP address a.b.c.d. The ZyWALL sends another
separate query to each of its DNSBL domains for IP address w.x.y.z.
by an e-mail server at IP address w.x.y.z. The ZyWALL sends a separate query to
each of its DNSBL domains for IP address a.b.c.d. The ZyWALL sends another
separate query to each of its DNSBL domains for IP address w.x.y.z.
2
DNSBL A replies that IP address a.b.c.d does not match any entries in its list (not
spam).
spam).
3
While waiting for a DNSBL reply about IP address w.x.y.z, the ZyWALL receives a
reply from DNSBL B saying IP address a.b.c.d is in its list.
reply from DNSBL B saying IP address a.b.c.d is in its list.
4
The ZyWALL immediately classifies the e-mail as spam and takes the action for
spam that you defined in the anti-spam policy. In this example it was an SMTP
mail and the defined action was to drop the mail. The ZyWALL does not wait for
any more DNSBL replies.
spam that you defined in the anti-spam policy. In this example it was an SMTP
mail and the defined action was to drop the mail. The ZyWALL does not wait for
any more DNSBL replies.
DNSBL A
DNSBL B
DNSBL C
IPs: a.b.c.d
w.x.y.z
w.x.y.z
1
2
a.b
.c.
d N
ot
sp
am
3
4
a.b
.c.
d?
w.
x.y
.z?
a.b
.c.d
?
w.x
.y.z
?
a.b.c.d?
w.x.y.z?
a.b.c.d Spam!