ZyXEL Communications ZyWALL5UTM 4.0 User Manual

ZyWALL 5/35/70 Series User’s Guide

Chapter 15 Anti-Spam

262

This chapter covers how to use the ZyWALL’s anti-spam feature to deal with junk e-mail 
(spam).

The ZyWALL’s anti-spam feature identifies unsolicited commercial or junk e-mail (spam). 
You can set the ZyWALL to mark or discard spam. The ZyWALL can use an anti-spam 
external database to help identify spam. Use the whitelist to identify legitimate e-mail. Use the 
blacklist to identify spam e-mail.  

If an e-mail does not match any of the whitelist or blacklist entries, the ZyWALL calculates a 
digest (fingerprint ID) of the e-mail and sends it to the anti-spam external database. The anti-
spam external database checks the digest against (more than a million) known spam patterns. 
The anti-spam external database uses the following spam detection engines in checking each 
e-mail.

• SpamBulk: This engine identifies e-mail that has been sent in bulk or is similar to e-mail 

that is sent in bulk. 

• SpamRepute: This engine checks to see if most people want the e-mail. 
• SpamContent: This engine checks to see if the message would generally be considered 

offensive. 

• SpamTricks: This engine checks to see if the e-mail is formatted to be economical for 

spammers or to circumvent anti-spam rules. 

The anti-spam external database then uses a proprietary Bayesian

1

 statistical formula to 

combine the results into one score of how likely the e-mail is to be spam and sends it to the 
ZyWALL. The possible range for the spam score is 0~100. The closer the score is to 100, the 
more likely the e-mail is to be spam. You must subscribe to and activate the anti-spam external 
database service in order to use it (see 

 for details).

1.

Bayesian analysis interprets probabilities as degrees of belief rather than as proportions, 

frequencies and such. Bayesian analysis frequently uses Bayes' theorem, hence the name.