D-Link DFL-800-AV-12 User Manual - Page 150
Logging, Network Setup, Setup Summary, Caching Addresses for Performance, CLI Command, dnsbl
View all D-Link DFL-800-AV-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 150 highlights
6.2.5. SMTP Chapter 6. Security Mechanisms Logging There are three types of logging done by the SPAM filtering module: • Logging of dropped or SPAM tagged emails - These log messages include the source email address and IP as well as its weighted points score and which DNSBLs caused the event. • DNSBLs not responding - DNSBL query timeouts are logged. • All defined DNBSLs stop responding - This is a high severity event since all email will be allowed through if this happens. Network Setup Setup Summary To set up DNSBL SPAM filtering in the SMTP ALG, the following list summarizes the steps: • Specify which DNSBL servers are to be used. There can be multiple and they can act both as backups to each other as well as confirmation of a sender's status. • Specify a weight for each server which will determine how important it is in deciding if email is SPAM or not in the calculation of a weighted sum. • Specify the threshold for designating an email as SPAM. If the weighted sum is equal or greater than this then an email will be considered to be SPAM. • Specify a textual tag to prefix to the Subject field of email designated as SPAM. • Specify the Drop threshold. If the weighted sum is equal or greater than this then an email will be dropped entirely. This threshold should be greater or equal to the SPAM threshold. If they are equal then the Drop threshold will have precedence so that all email will be dropped when that threshold is reached. • Optionally specify an email address to which dropped email will be sent (as an alternative to simply discarding it). Optionally specify that the TXT messages sent by the DNSBL servers that failed it be appended to these emails. Caching Addresses for Performance To speed processing NetDefendOS maintains a cache of the most recently looked-up sender addresses in local memory. If the cache becomes full then the oldest entry is written over first. The Address Timeout value for the cache can be changed by the administrator. This determines how long any address will be valid for once it is saved in the cache. After this period of time has expired, a new query for a cached sender address must be sent to the DNSBL servers. The cache is emptied at startup or reconfiguration and its size of this cache can be controlled by the administrator. The dnsbl CLI Command The dnsbl CLI command provides a means to control and monitor the operation of the SPAM filtering module. The dnsbl command on its own without options shows the overall status of all ALGs. If the SMTP ALG name on which DNSBL SPAM filtering is enabled is my_smtp_alg then the output would be: 150