ZyXEL Communications 5 Series User Manual
Chapter 16 Anti-Spam Screens
ZyWALL 5/35/70 Series User’s Guide
324
16.6 Technical Reference
The anti-spam external database uses the following spam detection engines in checking each
e-mail.
e-mail.
• SpamBulk: This engine identifies e-mail that has been sent in bulk or is similar to e-mail
that is sent in bulk.
• SpamRepute: This engine checks to see if most people want the e-mail.
• SpamContent: This engine checks to see if the message would generally be considered
offensive.
• SpamTricks: This engine checks to see if the e-mail is formatted to be economical for
spammers or to circumvent anti-spam rules.
SpamRepute Engine
The SpamRepute engine calculates the reputation of the sender (whether or not most people
want to receive the e-mail from this sender).
want to receive the e-mail from this sender).
The SpamRepute engine checks proprietary and third-party databases of known spammer
email addresses, domains and IP addresses. The SpamRepute engine also uses Bayesian
statistical analysis to detect whether an e-mail is sent from a known in spite of a spammer’s
attempt to disguise the sender’s identity. The anti-spam external database combines all of this
data into a SpamRepute Index for calculating the reputation of the sender in order to guard
against foreign language spam, fraud and phishing.
email addresses, domains and IP addresses. The SpamRepute engine also uses Bayesian
statistical analysis to detect whether an e-mail is sent from a known in spite of a spammer’s
attempt to disguise the sender’s identity. The anti-spam external database combines all of this
data into a SpamRepute Index for calculating the reputation of the sender in order to guard
against foreign language spam, fraud and phishing.
Value
This field displays when you select the MIME Header type.
Type the value part of an MIME header (up to 63 ASCII characters).
In an MIME header, the part that comes after the colon is the value.
For example, if you want the whitelist or blacklist entry to check for the MIME
header “X-MSMail-Priority: Normal”, enter “Normal” here as the MIME value.
Type the value part of an MIME header (up to 63 ASCII characters).
In an MIME header, the part that comes after the colon is the value.
For example, if you want the whitelist or blacklist entry to check for the MIME
header “X-MSMail-Priority: Normal”, enter “Normal” here as the MIME value.
Subject
This field displays when you select the Subject type. Enter up to 63 ASCII
characters of text to check for in the e-mail headers. Spaces are allowed.
You can use a wildcard (*). For example, if you configure “*good”, any e-mail
subject that ends in “good” matches. So “this is very good” and “this is not so good”
both match.
The wildcard can be anywhere in the text string and you can use more than one
wildcard. You cannot use two wildcards side by side, there must be other
characters between them.
The ZyWALL can check up to the first 63 characters of an e-mail’s subject. The
whitelist or blacklist check fails for subjects over 63 characters. However, a
whitelist or blacklist entry that uses some text followed by a wildcard only requires
the ZyWALL to check the number of characters before the wildcard. So the check
would still work for subjects longer than 63 characters. For example, if you used
“abc*”, the ZyWALL would only check up to the first three characters of the e-mail
subject.
characters of text to check for in the e-mail headers. Spaces are allowed.
You can use a wildcard (*). For example, if you configure “*good”, any e-mail
subject that ends in “good” matches. So “this is very good” and “this is not so good”
both match.
The wildcard can be anywhere in the text string and you can use more than one
wildcard. You cannot use two wildcards side by side, there must be other
characters between them.
The ZyWALL can check up to the first 63 characters of an e-mail’s subject. The
whitelist or blacklist check fails for subjects over 63 characters. However, a
whitelist or blacklist entry that uses some text followed by a wildcard only requires
the ZyWALL to check the number of characters before the wildcard. So the check
would still work for subjects longer than 63 characters. For example, if you used
“abc*”, the ZyWALL would only check up to the first three characters of the e-mail
subject.
Apply
Click Apply to save your settings and exit this screen.
Cancel
Click Cancel to exit this screen without saving.
Table 91 SECURITY > ANTI-SPAM > Lists > Edit
LABEL
DESCRIPTION