ProSecure Unified Threat Management (UTM) Appliance Reference Manual
6-12 Content Filtering and Optimizing Scans
v1.0, January 2010
3. Real-time blacklist. E-mails from known spam sources that are collected by blacklist
providers are blocked.
4. Distributed Spam Analysis. E-mails that are detected as spam by the NETGEAR Spam
Classification Center are either tagged or blocked.
This order of implementation ensures the optimum balance between spam prevention and system
performance. For example, if an e-mail originates from a whitelisted source, the UTM delivers the
e-mail immediately to its destination inbox without implementing the other spam prevention
technologies, thereby speeding up mail delivery and conserving the UTM system resources.
However, regardless of whether or not an e-mail is whitelisted, the e-mail is still scanned by the
UTM’s anti-malware engines.
You can configure these anti-spam options in conjunction with content filtering to optimize
blocking of unwanted mails.
Setting Up the Whitelist and Blacklist
You can specify e-mails that are accepted or blocked based on the originating IP address, domain,
and e-mail address by setting up the whitelist and blacklist. You can also specify e-mails that are
accepted based on the destination domain and e-mail address.
The whitelist ensures that e-mail from listed (that is, trusted) sources and recipients are not
mistakenly tagged as spam. E-mails going to and from these sources and recipients are delivered to
their destinations immediately, without being scanned by the anti-spam engines. This can help to
speed up the system and network performance. The blacklist, on the other hand, lists sources from
which all e-mail messages are blocked You can enter up to 200 entries per list, separated by
commas.
Note: E-mails that are processed through the UTM over an authenticated e-mail
connection between a client and a mail server are not checked for spam.
Note: An e-mail has been checked for spam by the UTM contains an “X-STM-SMTP”
(for SMTP e-mails) or “X-STM-POP3” (for POP-3 e-mails) tag in its header.
Note: The whitelist takes precedence over the blacklist, which means that if an e-mail
source is on both the blacklist and the whitelist, the e-mail is not scanned by the
anti-spam engines.